Lucene search
K

999 matches found

OSV
OSV
added 2026/01/13 8:16 p.m.3 views

CVE-2025-37171

Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating...

7.2CVSS6AI score0.01203EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 8:16 p.m.5 views

CVE-2025-37172

Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating...

7.2CVSS6AI score0.01096EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 8:16 p.m.6 views

CVE-2025-37171

Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating...

7.2CVSS0.01203EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 8:16 p.m.4 views

CVE-2025-37172

Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating...

7.2CVSS0.01096EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 8:16 p.m.4 views

CVE-2025-37174

Authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to create or modify arbitrary files and execute arbitrary...

7.2CVSS0.00476EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 8:16 p.m.8 views

CVE-2025-37175

Arbitrary file upload vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files as a privilege user and execute arbitrary comman...

7.2CVSS0.0043EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 8:16 p.m.4 views

CVE-2025-37177

An arbitrary file deletion vulnerability has been identified in the command-line interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation of this vulnerability could allow an authenticated remote malicious actor to delete arbitrary files within th...

6.5CVSS0.0031EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 8:16 p.m.6 views

CVE-2025-37173

An improper input handling vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor with valid credentials to trigger unintended behavior on the affected...

7.2CVSS0.00367EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 8:16 p.m.4 views

CVE-2025-37170

Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating...

7.2CVSS6AI score0.01122EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 8:16 p.m.2 views

CVE-2025-37169

A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system...

7.2CVSS6.1AI score0.00477EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 8:16 p.m.4 views

CVE-2025-37170

Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating...

7.2CVSS0.01122EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 8:16 p.m.9 views

CVE-2025-37168

Arbitrary file deletion vulnerability have been identified in a system function of mobility conductors running AOS-8 operating system. Successful exploitation of this vulnerability could allow an unauthenticated remote malicious actor to delete arbitrary files within the affected system and...

9.1CVSS0.00382EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 8:16 p.m.3 views

CVE-2025-37169

A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system...

7.2CVSS0.00477EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/13 8:8 p.m.5 views

EUVD-2026-2049

An arbitrary file deletion vulnerability has been identified in the command-line interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation of this vulnerability could allow an authenticated remote malicious actor to delete arbitrary files within th...

6.5CVSS6.4AI score0.0031EPSS
Exploits0References2
CVE
CVE
added 2026/01/13 8:7 p.m.16 views

CVE-2025-37175

The CVE-2025-37175 entry concerns Aruba Networks ArubaOS (AOS-8 and AOS-10) web-based management interfaces. The connected NCSC advisory confirms that vulnerabilities in AOS-8/AOS-10 include arbitrary file deletion, stack overflow, command injection, and improper input handling, which could allow...

7.2CVSS7.1AI score0.0043EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/01/13 8:7 p.m.20 views

CVE-2025-37175 Authenticated Arbitrary File Upload Vulnerability in AOS-10 or AOS-8 Web-Based Management Interface

Arbitrary file upload vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files as a privilege user and execute arbitrary comman...

7.2CVSS0.0043EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/13 8:7 p.m.5 views

CVE-2025-37175 Authenticated Arbitrary File Upload Vulnerability in AOS-10 or AOS-8 Web-Based Management Interface

Arbitrary file upload vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files as a privilege user and execute arbitrary comman...

7.2CVSS7.1AI score0.0043EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/13 8:5 p.m.24 views

CVE-2025-37174 Authenticated Arbitrary File Write Vulnerability in AOS 10 and AOS-8 Web-Based Management Interface

Authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to create or modify arbitrary files and execute arbitrary...

7.2CVSS0.00476EPSS
Exploits0References1
CVE
CVE
added 2026/01/13 8:5 p.m.13 views

CVE-2025-37174

ArubaOS AOS-8 and AOS-10 web management interfaces are affected by vulnerabilities fixed by Aruba Networks. The NCSC advisory notes issues including arbitrary file deletion, stack overflow, command injection, and improper input handling that could allow unauthorized access, file manipulation, or ...

7.2CVSS6.9AI score0.00476EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/13 8:4 p.m.5 views

CVE-2025-37173 Improper Input Handling Vulnerability in Authenticated Configuration API Endpoint (AOS-10/AOS-8 Web UI)

An improper input handling vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor with valid credentials to trigger unintended behavior on the affected...

7.2CVSS6.3AI score0.00367EPSS
Exploits0References1
Rows per page
Query Builder