CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

4.9CVSS6.9AI score0.0004EPSS

CVE-2025-37143

An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS6.9AI score0.0004EPSS

CVE-2025-37141

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS6.9AI score0.0004EPSS

CVE-2025-37142

6.5CVSS7.1AI score0.00072EPSS

CVE-2025-37135

Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system...

EUVD•added 2025/10/14 6:30 p.m.•0 views

EUVD-2025-34405

4.9CVSS6.4AI score0.0004EPSS

Exploits0References2

EUVD•added 2025/10/14 6:30 p.m.•1 views

EUVD-2025-34432

4.9CVSS6.4AI score0.0004EPSS

Exploits0References2

EUVD•added 2025/10/14 6:30 p.m.•1 views

EUVD-2025-34264

Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS6.4AI score0.00066EPSS

Exploits0References2

CVE-2025-37142

4.9CVSS0.0004EPSS

OSV•added 2025/10/14 5:15 p.m.•2 views

CVE-2025-37143

4.9CVSS5.9AI score

CVE-2025-37140

4.9CVSS0.0004EPSS

OSV•added 2025/10/14 5:15 p.m.•3 views

CVE-2025-37137

6.5CVSS5.9AI score0.00072EPSS

CVE-2025-37136

6.5CVSS0.00072EPSS

CVE-2025-37135

6.5CVSS0.00072EPSS

Cvelist•added 2025/10/14 5:2 p.m.•5 views

CVE-2025-37145 Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface

4.9CVSS0.00066EPSS

CVE•added 2025/10/14 5:2 p.m.•7 views

CVE-2025-37145

CVE-2025-37145 describes an authenticated arbitrary file download vulnerability in the low-level interface library of HPE ArubaOS AOS-10 GW and AOS-8 Controller/Mobility Conductor. The issue allows an authenticated actor to download arbitrary files via crafted requests. Affected products are Arub...

4.9CVSS6.5AI score0.00066EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/10/14 5:0 p.m.•1 views

CVE-2025-37143 Authenticated Arbitrary File Download Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web Interface (Physical Access Required)

4.9CVSS6.5AI score0.0004EPSS

Cvelist•added 2025/10/14 5:0 p.m.•3 views

CVE-2025-37143 Authenticated Arbitrary File Download Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web Interface (Physical Access Required)

4.9CVSS0.0004EPSS

Vulnrichment•added 2025/10/14 4:59 p.m.•1 views

CVE-2025-37141 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface

4.9CVSS6.5AI score0.0004EPSS

Vulnrichment•added 2025/10/14 4:57 p.m.•1 views

CVE-2025-37138 Authenticated Command Injection Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface (Physical Access Required)

An authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. Exploitation of this vulnerability requires physical access to the hardware controllers. A successful attack could allow an...

6.2CVSS7.3AI score0.00024EPSS