Lucene search
K

19186 matches found

NVD
NVD
added 2025/10/14 5:15 p.m.4 views

CVE-2025-37140

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS0.00319EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 5:15 p.m.7 views

CVE-2025-37137

Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system...

6.5CVSS5.9AI score0.00333EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 5:15 p.m.5 views

CVE-2025-37141

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS5.9AI score0.00319EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 5:15 p.m.3 views

CVE-2025-37135

Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system...

6.5CVSS5.9AI score0.00333EPSS
Exploits0References1
NVD
NVD
added 2025/10/14 5:15 p.m.5 views

CVE-2025-37133

An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system...

7.2CVSS0.01274EPSS
Exploits0References1
NVD
NVD
added 2025/10/14 5:15 p.m.3 views

CVE-2025-37132

An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files and execute arbitrary commands on the...

7.2CVSS0.00501EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 5:15 p.m.4 views

CVE-2025-37132

An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files and execute arbitrary commands on the...

7.2CVSS6AI score0.00501EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 5:2 p.m.15 views

CVE-2025-37145

CVE-2025-37145 describes an authenticated arbitrary file download vulnerability in the low-level interface library of HPE ArubaOS AOS-10 GW and AOS-8 Controller/Mobility Conductor. The issue allows an authenticated actor to download arbitrary files via crafted requests. Affected products are Arub...

4.9CVSS6.5AI score0.00409EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/10/14 5:2 p.m.8 views

CVE-2025-37145 Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface

Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS0.00409EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 5:1 p.m.2 views

CVE-2025-37144 Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface

Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS6.5AI score0.00409EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 5:0 p.m.5 views

CVE-2025-37143 Authenticated Arbitrary File Download Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web Interface (Physical Access Required)

An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS0.00347EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 5:0 p.m.2 views

CVE-2025-37143 Authenticated Arbitrary File Download Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web Interface (Physical Access Required)

An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS6.5AI score0.00347EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 5:0 p.m.11 views

CVE-2025-37143

CVE-2025-37143 describes an authenticated arbitrary file download vulnerability in the web-based management interface of ArubaOS AOS-10 GW and AOS-8 Controller/Mobility Conductor. The Nessus/NASL context links this CVE to multiple HPESBNW04957 entries, indicating affected ArubaOS versions (e.g., ...

4.9CVSS6.5AI score0.00347EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/14 4:59 p.m.2 views

CVE-2025-37142 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS6.5AI score0.00319EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 4:59 p.m.8 views

CVE-2025-37141 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS0.00319EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 4:59 p.m.3 views

CVE-2025-37141 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS6.5AI score0.00319EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 4:58 p.m.7 views

CVE-2025-37140 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS0.00319EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 4:58 p.m.11 views

CVE-2025-37140

CVE-2025-37140 describes an authentication-restricted arbitrary file download vulnerability in the CLI binary of HPE Aruba AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. The vulnerability allows a logged-in attacker to download arbitrary files via crafted input. Affected pro...

4.9CVSS6.5AI score0.00319EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/14 4:58 p.m.5 views

EUVD-2025-34435

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS6.4AI score0.00319EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/14 4:57 p.m.8 views

CVE-2025-37138 Authenticated Command Injection Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface (Physical Access Required)

An authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. Exploitation of this vulnerability requires physical access to the hardware controllers. A successful attack could allow an...

6.2CVSS0.00687EPSS
Exploits0References1
Rows per page
Query Builder