1773 matches found

Cvelist
added 2025/10/14 4:54 p.m., 7 views

CVE-2025-37133 Authenticated Command Injection Vulnerability in AOS-8 Controller/Mobility Conductor Web-Based Management Interface via the CLI Binary

An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system...

CVSS 7.2 | EPSS 0.01274
Exploits 0 | References 1

NVD
added 2025/10/14 4:15 p.m., 6 views

CVE-2025-58325

An Incorrect Provision of Specified Functionality vulnerability (CWE-684) in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all versions may allow a local authenticated attacker to execute system commands via crafted CLI commands...

CVSS 8.2 | EPSS 0.00282
Exploits 0 | References 1

OSV
added 2025/10/14 4:15 p.m., 3 views

CVE-2023-46718

A stack-based buffer overflow in Fortinet FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.7, 7.0.0 through 7.0.12, 6.4.6 through 6.4.15, 6.2.9 through 6.2.16, and 6.0.13 through 6.0.18 allows an attacker to execute unauthorized code or commands via specially crafted CLI commands...

CVSS 7.8 | AI score 6.3 | EPSS 0.00172
Exploits 0 | References 1

GithubExploit
added 2025/10/14 8:37 a.m., 157 views

XSS-Scanner-cross-site-scanning-

Basic XSS Lab Local — Flask + CLI Scanner Quick start W...

AI score 6.5
Exploits 0

Tenable Nessus
added 2025/10/14 12:0 a.m., 2 views

Cisco IOS XE Software CLI DoS (cisco-sa-ios-cli-EB7cZ6yO)

A vulnerability in the CLI of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. An attacker with a low-privileged account could exploit this vulnerability by...

CVSS 6.5 | AI score 5.5 | EPSS 0.0011
Exploits 0 | References 4

Positive Technologies
added 2025/10/14 12:0 a.m., 4 views

PT-2025-41982

An authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. Exploitation of this vulnerability requires physical access to the hardware controllers. A successful attack could allow an...

CVSS 6.2 | AI score 7.7 | EPSS 0.00687
Exploits 0 | References 2

CNNVD
added 2025/10/14 12:0 a.m., 2 views

HPE Aruba Networking EdgeConnect OS Security Vulnerability

HPE Aruba Networking EdgeConnect OS is an operating system from HPE America. A security vulnerability exists in HPE Aruba Networking EdgeConnect OS that originates from the presence of authenticated command injections in the CLI binary file, which could lead to the execution of arbitrary commands...

CVSS 7.2 | AI score 7 | EPSS 0.01274
Exploits 0 | References 2

CNNVD
added 2025/10/14 12:0 a.m., 4 views

Hewlett Packard Enterprise ArubaOS Security Vulnerability

Hewlett Packard Enterprise ArubaOS (HPE ArubaOS) is a networked wireless operating system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise ArubaOS that stems from an arbitrary file deletion vulnerability in the command line interface, which could le...

CVSS 6.5 | AI score 6.9 | EPSS 0.00333
Exploits 0 | References 2

CNNVD
added 2025/10/14 12:0 a.m., 1 views

HPE AOS Security Vulnerability

HPE AOS is an operating system from HPE Corporation in the United States. A security vulnerability exists in HPE AOS that stems from an arbitrary file deletion vulnerability in the command line interface, which could lead to the deletion of arbitrary files by an authenticated remote malicious act...

CVSS 6.5 | AI score 6.9 | EPSS 0.00333
Exploits 0 | References 2

Positive Technologies
added 2025/10/14 12:0 a.m., 2 views

PT-2025-41981

Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system...

CVSS 6.5 | AI score 7.1 | EPSS 0.00333
Exploits 0 | References 2

Positive Technologies
added 2025/10/14 12:0 a.m., 1 views

PT-2025-41979

Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system...

CVSS 6.5 | AI score 7.1 | EPSS 0.00333
Exploits 0 | References 2

Positive Technologies
added 2025/10/14 12:0 a.m., 4 views

PT-2025-41984

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

CVSS 4.9 | AI score 6.9 | EPSS 0.00319
Exploits 0 | References 2

Positive Technologies
added 2025/10/14 12:0 a.m., 4 views

PT-2025-41965

Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.4 all versions; FortiOS versions 7.0.0 through 7.0.15; FortiOS versions 7.2.5 through 7.2.10; FortiOS versions 7.4.0 through 7.4.5; FortiOS version 7.6.0. Description: An issue exists in FortiOS where a local authenticated attacke...

CVSS 8.2 | AI score 6.6 | EPSS 0.00282
Exploits 0 | References 4

Positive Technologies
added 2025/10/14 12:0 a.m., 3 views

PT-2025-41985

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

CVSS 4.9 | AI score 6.9 | EPSS 0.00319
Exploits 0 | References 2

Positive Technologies
added 2025/10/14 12:0 a.m., 2 views

PT-2025-41980

Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system...

CVSS 6.5 | AI score 7.1 | EPSS 0.00333
Exploits 0 | References 2

CNNVD
added 2025/10/14 12:0 a.m., 2 views

Hewlett Packard Enterprise ArubaOS Security Vulnerability

Hewlett Packard Enterprise ArubaOS (HPE ArubaOS) is a networked wireless operating system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise ArubaOS (HPE ArubaOS) that stems from a command injection vulnerability in the command line interface, which cou...

CVSS 6.2 | AI score 7.7 | EPSS 0.00687
Exploits 0 | References 2

Vulnrichment
added 2025/10/13 8:54 p.m., 2 views

CVE-2025-62174 Mastodon allows continued access after password reset via CLI

Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...

CVSS 3.5 | AI score 6.6 | EPSS 0.00193
Exploits 0 | References 2

CVE
added 2025/10/13 8:54 p.m., 11 views

CVE-2025-62174

Summary: Mastodon prior to versions 4.4.6, 4.3.14, and 4.2.27 fails to revoke active sessions and access tokens when an admin resets a user password via the CLI command bin/tootctl accounts modify --reset-password, allowing continued use of the account by an attacker with a compromised session/to...

CVSS 3.5 | AI score 6.6 | EPSS 0.00193
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2025/10/13 6:26 a.m., 20 views

CVE-2025-0636 Arbitrary Code Execution vulnerability in Ericsson RAN Compute and Site Controller

EMCLI contains a high severity vulnerability where improper neutralization of special elements used in an OS command could be exploited leading to Arbitrary Code Execution...

CVSS 8.4 | EPSS 0.00266
Exploits 0 | References 1

Positive Technologies
added 2025/10/13 12:0 a.m., 3 views

PT-2025-41807

Name of the Vulnerable Software and Affected Versions: Mastodon versions prior to 4.2.27; Mastodon versions prior to 4.3.14; Mastodon versions prior to 4.4.6. Description: Mastodon is a free, open-source social network server based on ActivityPub. When an administrator resets a user account’s password...

CVSS 3.5 | AI score 6.9 | EPSS 0.00193
Exploits 0 | References 5