Lucene search
K

481 matches found

Nuclei
Nuclei
added 11 hours ago60 views

Aruba Airwave <8.2.3.1 - Cross-Site Scripting

Aruba Airwave before version 8.2.3.1 is vulnerable to reflected cross-site scripting. id: CVE-2016-8527 info: name: Aruba Airwave 8.2.3.1 - Cross-Site Scripting author: pikpikcu severity: medium description: Aruba Airwave before version 8.2.3.1 is vulnerable to reflected cross-site scripting...

6.1CVSS6.4AI score0.13164EPSS
Exploits5References5
HPE Security Bulletins
HPE Security Bulletins
added 2026/06/09 12:0 a.m.5 views

HPESBNW05064 rev.1 - Status of NGINX ngx_http_rewrite_module Vulnerability (CVE-2026-42945) in HPE Aruba Networking Products

Potential Security Impact: Remote: Arbitrary Code Execution, Code Execution, Denial of Service DoS, Unauthorized Code Execution, Unauthorized Execution of Arbitrary Code, Unauthorized Privileged Access, Buffer Overflow SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba AirWave...

9.2CVSS7.1AI score0.61469EPSS
Exploits40
HPE Security Bulletins
HPE Security Bulletins
added 2026/05/19 12:0 a.m.3 views

HPESBNW05059 rev.2 - Status of Copy Fail Vulnerability on HPE Aruba Networking Products (CVE-2026-31431)

Potential Security Impact: Local: Elevated Privileges SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. Aruba CX 10000 Switch Series Please refer to Vulnerability Summary for impacted software version Aruba CX 4100i Switch Series Please refer to Vulnerability Summary for impacted...

7.8CVSS7AI score0.96267EPSS
Exploits230
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.6 views

CVE-2022-37917

Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network...

8.1CVSS7.1AI score0.0076EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.9 views

CVE-2022-37918

Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network...

8.1CVSS7.1AI score0.0076EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.9 views

CVE-2020-7125

A remote escalation of privilege vulnerability was discovered in Aruba Airwave Software versions: Prior to 1.3.2...

8.8CVSS7.4AI score0.01425EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.16 views

CVE-2020-7127

A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software versions: Prior to 1.3.2...

9.8CVSS8AI score0.01751EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.9 views

CVE-2020-7128

A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software versions: Prior to 1.3.2...

10CVSS8AI score0.02114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.11 views

CVE-2020-7124

A remote unauthorized access vulnerability was discovered in Aruba Airwave Software versions: Prior to 1.3.2...

9.8CVSS7AI score0.01368EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.9 views

CVE-2020-24641

In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately gain administrative...

7.5CVSS7.3AI score0.01464EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.4 views

CVE-2020-24632

A remote execution of arbitrary commandss vulnerability was discovered in Aruba Airwave Software versions: Prior to 1.3.2...

9CVSS7.3AI score0.02625EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:48 a.m.10 views

CVE-2020-24639

There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system...

10CVSS7.3AI score0.07241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.4 views

CVE-2023-4896

A vulnerability exists which allows an authenticated attacker to access sensitive information on the AirWave Management Platform web-based management interface. Successful exploitation allows the attacker to gain access to some data that could be further exploited to laterally access devices...

6.8CVSS6.6AI score0.00444EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.8 views

CVE-2023-45616

There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of this vulnerabilit...

9.8CVSS8.7AI score0.02132EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/19 7:19 p.m.8 views

CVE-2025-37163

A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system...

7.2CVSS8.1AI score0.00917EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/18 9:32 p.m.6 views

EUVD-2025-198089

A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system...

7.2CVSS7.6AI score0.00917EPSS
Exploits0References2
NVD
NVD
added 2025/11/18 7:15 p.m.9 views

CVE-2025-37163

A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system...

7.2CVSS0.00917EPSS
Exploits0References1
OSV
OSV
added 2025/11/18 7:15 p.m.5 views

CVE-2025-37163

A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system...

7.2CVSS6.1AI score0.00917EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/18 7:6 p.m.13 views

CVE-2025-37163 Authenticated Command Injection Vulnerability in HPE Aruba Networking Management Software (AirWave) CLI

A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system...

7.2CVSS0.00917EPSS
Exploits0References1
CVE
CVE
added 2025/11/18 7:6 p.m.21 views

CVE-2025-37163

CVE-2025-37163 describes an authenticated command-injection vulnerability in the HPE Aruba Networking Airwave Platform CLI. An authenticated attacker could run arbitrary OS commands with elevated privileges on the underlying system. Affected component: AirWave CLI; impact is privilege escalation ...

7.2CVSS7.7AI score0.00917EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder