CVE-2026-23827

A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged use...

EUVD-2026-29753

A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged use...

CVE-2026-23826

A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitati...

CVE-2026-23827 Unauthenticated Remote Code Execution via Heap Buffer Overflow in Network Management Service

A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged use...

CVE-2026-23827 Unauthenticated Remote Code Execution via Heap Buffer Overflow in Network Management Service

A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged use...

CVE-2026-23827

CVE-2026-23827 involves a heap-based buffer overflow in the Network management service of AOS-8 and AOS-10. The issue allows an unauthenticated remote attacker to achieve remote code execution with privileges on the underlying OS, potentially leading to a full system compromise. Exploitation may ...

CVE-2026-23826

CVE-2026-23826 affects the AOS-8 Operating System’s network management service. An unauthenticated remote attacker can send specially crafted network packets to the affected device, potentially causing a denial-of-service by terminating the service process and disrupting normal device operations....

CVE-2026-23826 Unauthenticated Denial of Service in AOS-8 Network Management Service

A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitati...

PT-2026-40353

Name of the Vulnerable Software and Affected Versions AOS-8 Operating System affected versions not specified Description A flaw in a network management service allows an unauthenticated remote attacker to cause a denial-of-service condition by sending specially crafted network packets. This can...

PT-2026-40354

Name of the Vulnerable Software and Affected Versions AOS-8 affected versions not specified AOS-10 affected versions not specified Description A heap-based buffer overflow in a Network management service allows an unauthenticated remote attacker to execute arbitrary code as a privileged user on t...

CVE-2025-69269 Spectrum command injection in NCM service

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows OS Command Injection.This issue affects DX NetOps Spectrum: 23.3.6 and earlier...

CVE-2023-49241

API permission control vulnerability in the network management module. Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2025-23052

Authenticated command injection vulnerability in the command line interface of a network management service. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands as a privileged user on the underlying operating system...

CVE-2025-37155

A vulnerability in the SSH restricted shell interface of the network management services allows improper access control for authenticated read-only users. If successfully exploited, this vulnerability could allow an attacker with read-only privileges to gain administrator access on the affected...

EUVD-2020-17751

Malware in sbrugna...

EUVD-2025-3095

Malicious code in bioql PyPI...

CVE-2020-25058

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software. The networkmanagement service does not properly restrict configuration changes. The LG ID is LVE-SMP-200012 July 2020...

CVE-2017-13314

In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with...

CVE-2025-23052

Authenticated command injection vulnerability in the command line interface of a network management service. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands as a privileged user on the underlying operating system...

CVE-2025-23052

CVE-2025-23052 describes an authenticated command injection vulnerability in the CLI of Hewlett Packard Enterprise ArubaOS network management service. The issue allows an authenticated attacker with high privileges to execute arbitrary commands as the underlying OS user. The initial documents ind...