Lucene search
K

53 matches found

Cvelist
Cvelist
added 2026/05/12 7:3 p.m.35 views

CVE-2026-44858 Authenticated Stack-Based Buffer Overflow in PAPI Services

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

7.2CVSS0.00352EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 6:58 p.m.31 views

CVE-2026-44854 Authenticated Remote Code Execution via Arbitrary File Write in AOS-8 and AOS-10 Web-Based Management Interface

Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote code execution as a...

7.2CVSS0.01014EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 6:52 p.m.22 views

CVE-2026-23825

CVE-2026-23825 affects the protocol-handling component in AOS-8 and AOS-10. An unauthenticated attacker can send specially crafted network messages to the affected service. The root cause is insufficient input validation, which may cause the termination of a critical system process and lead to a ...

7.5CVSS5.8AI score0.00329EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/12 6:51 p.m.35 views

CVE-2026-23824 Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component

Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may...

7.5CVSS0.00329EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 1:27 a.m.4 views

CVE-2026-22284

Dell SmartFabric OS10 Software, versions prior to 10.5.6.12, contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...

7.2CVSS5.6AI score0.00944EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/14 8:22 p.m.5 views

CVE-2025-37177

An arbitrary file deletion vulnerability has been identified in the command-line interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation of this vulnerability could allow an authenticated remote malicious actor to delete arbitrary files within th...

6.5CVSS6.9AI score0.0031EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 8:16 p.m.4 views

CVE-2025-37173

An improper input handling vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor with valid credentials to trigger unintended behavior on the affected...

7.2CVSS5.8AI score0.00367EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 8:16 p.m.6 views

CVE-2025-37173

An improper input handling vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor with valid credentials to trigger unintended behavior on the affected...

7.2CVSS0.00367EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 8:16 p.m.6 views

CVE-2025-37174

Authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to create or modify arbitrary files and execute arbitrary...

7.2CVSS6AI score0.00476EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/13 8:8 p.m.5 views

EUVD-2026-2049

An arbitrary file deletion vulnerability has been identified in the command-line interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation of this vulnerability could allow an authenticated remote malicious actor to delete arbitrary files within th...

6.5CVSS6.4AI score0.0031EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/13 8:5 p.m.8 views

CVE-2025-37174 Authenticated Arbitrary File Write Vulnerability in AOS 10 and AOS-8 Web-Based Management Interface

Authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to create or modify arbitrary files and execute arbitrary...

7.2CVSS6.9AI score0.00476EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.7 views

PT-2026-2457

An improper input handling vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor with valid credentials to trigger unintended behavior on the affected...

7.2CVSS6.7AI score0.00367EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.6 views

PT-2026-2461

Name of the Vulnerable Software and Affected Versions mobility conductors versions AOS-8 and AOS-10 Description An arbitrary file deletion issue exists in the command-line interface of mobility conductors. A remote attacker with authentication could delete arbitrary files within the affected...

6.5CVSS6AI score0.0031EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.5 views

PT-2026-2458

Authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to create or modify arbitrary files and execute arbitrary...

7.2CVSS7.3AI score0.00476EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/13 8:3 p.m.5 views

CVE-2025-46428

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...

8.8CVSS6.8AI score0.01085EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/12 8:1 p.m.6 views

CVE-2025-46427

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...

8.8CVSS0.01152EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/12 7:57 p.m.6 views

CVE-2025-46428

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...

8.8CVSS0.01085EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/12 7:50 p.m.3 views

CVE-2024-48829

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code 'Code Injection' vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution...

6.7CVSS6.1AI score0.00155EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/12 12:0 a.m.7 views

PT-2025-46710

Name of the Vulnerable Software and Affected Versions Dell SmartFabric OS10 Software versions prior to 10.6.1.0 Description Dell SmartFabric OS10 Software versions prior to 10.6.1.0 contain an Improper Neutralization of Special Elements used in a Command 'Command Injection' issue. A low privilege...

8.8CVSS6.8AI score0.01085EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/10/15 5:44 p.m.5 views

CVE-2025-37140

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS6.9AI score0.00319EPSS
Exploits0References1
Rows per page
Query Builder