CVE-2022-23682

Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete switch compromise in ArubaOS-CX version...

CVE-2022-23684

A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Successful exploitation of this vulnerability allows an attacker to escalate privileges beyond their...

CVE-2022-23680

AOS-CX lacks Anti-CSRF protections in place for state-changing operations. This can potentially be exploited by an attacker to execute commands in the context of another user in ArubaOS-CX Switches versions: AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX...

CVE-2022-23688

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an attacker to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-CX Switches versions:...

CVE-2022-23679

AOS-CX lacks Anti-CSRF protections in place for state-changing operations. This can potentially be exploited by an attacker to execute commands in the context of another user in ArubaOS-CX Switches versions: AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX...

CVE-2022-23681

Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete switch compromise in ArubaOS-CX version...

CVE-2022-23690

A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated attacker to fingerprint the exact version AOS-CX running on the switch. This allows an attacker to retrieve information which could be used to more precisely target the switch for further...

CVE-2022-23689

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an attacker to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-CX Switches versions:...

CVE-2022-23683

Authenticated command injection vulnerabilities exist in the AOS-CX Network Analytics Engine via NAE scripts. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system, leading to a complete...

CVE-2025-37156

A platform-level denial-of-service DoS vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional...

EUVD-2025-198070

A platform-level denial-of-service DoS vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional...

CVE-2025-37156

A platform-level denial-of-service DoS vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional...

CVE-2025-37156

A platform-level denial-of-service DoS vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional...

CVE-2025-37156

ArubaOS-CX is affected by a platform-level DoS vulnerability (CVE-2025-37156). According to connected sources, an attacker with administrative access could execute code that renders the switch non-bootable and effectively non-functional. Affected software is ArubaOS-CX; no specific versions are l...

CVE-2025-37156 ArubaOS-CX Platform-Level Denial-of-Service Vulnerability

A platform-level denial-of-service DoS vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional...

CVE-2025-37156 ArubaOS-CX Platform-Level Denial-of-Service Vulnerability

A platform-level denial-of-service DoS vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional...

PT-2025-47386

Name of the Vulnerable Software and Affected Versions ArubaOS-CX affected versions not specified Description A platform-level denial-of-service DoS issue exists in the software. Successful exploitation could allow an attacker with administrative access to execute code that renders the switch...

EUVD-2022-28630

Malicious code in bioql PyPI...

EUVD-2022-28626

Malicious code in bioql PyPI...

EUVD-2022-28621

Malicious code in bioql PyPI...