3 matches found
CVE-2026-44853
CVE-2026-44853 affects the web-based management interface on AOS-8 and AOS-10. A command-injection flaw could allow an authenticated remote attacker to upload arbitrary files to the underlying OS, potentially enabling remote code execution as a privileged user. The NVD/HPE records show a NETWORK ...
CVE-2025-37171
Aruba Networks’ AOS-8 web-based management interface is affected by an authenticated command-injection vulnerability. Exploitation could allow an authenticated attacker to execute arbitrary commands with elevated privileges on the underlying OS. Several sources (NCSC, RH Red Hat, NVD, CVE lists) ...
CVE-2025-37170 Authenticated Command Injection Vulnerabilities in AOS-8 Web-Based Management Interface
Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating...