Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2026-AVI-0573
Vulnerability from certfr_avis - Published: 2026-05-13 - Updated: 2026-05-13
De multiples vulnérabilités ont été découvertes dans les produits HPE Aruba Networking. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| HPE Aruba Networking | AOS | ArubaOS versions 10.8.x antérieures à AOS-10.8.0.1 | ||
| HPE Aruba Networking | AOS | ArubaOS versions 10.7.x antérieures à AOS-10.7.2.3 | ||
| HPE Aruba Networking | AOS | ArubaOS versions 8.13.x antérieures à AOS-8.13.1.2 | ||
| HPE Aruba Networking | AOS | ArubaOS versions 8.12.x antérieures à AOS-8.12.0.7 | ||
| HPE Aruba Networking | AOS | ArubaOS versions 8.10.x antérieures à AOS-8.10.0.22 | ||
| HPE Aruba Networking | AOS | ArubaOS versions 10.4.x antérieures à AOS-10.4.1.11 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ArubaOS versions 10.8.x ant\u00e9rieures \u00e0 AOS-10.8.0.1",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 10.7.x ant\u00e9rieures \u00e0 AOS-10.7.2.3",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 8.13.x ant\u00e9rieures \u00e0 AOS-8.13.1.2",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 8.12.x ant\u00e9rieures \u00e0 AOS-8.12.0.7",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 8.10.x ant\u00e9rieures \u00e0 AOS-8.10.0.22",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 10.4.x ant\u00e9rieures \u00e0 AOS-10.4.1.11",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-44854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44854"
},
{
"name": "CVE-2026-23823",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23823"
},
{
"name": "CVE-2026-44868",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44868"
},
{
"name": "CVE-2026-44852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44852"
},
{
"name": "CVE-2026-23824",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23824"
},
{
"name": "CVE-2026-44856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44856"
},
{
"name": "CVE-2026-44872",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44872"
},
{
"name": "CVE-2026-44864",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44864"
},
{
"name": "CVE-2026-44861",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44861"
},
{
"name": "CVE-2026-23827",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23827"
},
{
"name": "CVE-2026-44866",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44866"
},
{
"name": "CVE-2026-23826",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23826"
},
{
"name": "CVE-2026-44869",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44869"
},
{
"name": "CVE-2026-44858",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44858"
},
{
"name": "CVE-2026-44857",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44857"
},
{
"name": "CVE-2026-44873",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44873"
},
{
"name": "CVE-2026-44874",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44874"
},
{
"name": "CVE-2026-44865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44865"
},
{
"name": "CVE-2026-23821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23821"
},
{
"name": "CVE-2026-23819",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23819"
},
{
"name": "CVE-2026-44853",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44853"
},
{
"name": "CVE-2026-44863",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44863"
},
{
"name": "CVE-2026-44855",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44855"
},
{
"name": "CVE-2026-44859",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44859"
},
{
"name": "CVE-2026-44862",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44862"
},
{
"name": "CVE-2026-23825",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23825"
},
{
"name": "CVE-2026-23820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23820"
},
{
"name": "CVE-2026-44867",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44867"
},
{
"name": "CVE-2026-44870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44870"
},
{
"name": "CVE-2026-23822",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23822"
},
{
"name": "CVE-2026-44860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44860"
}
],
"initial_release_date": "2026-05-13T00:00:00",
"last_revision_date": "2026-05-13T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0573",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits HPE Aruba Networking. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits HPE Aruba Networking",
"vendor_advisories": [
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW05048",
"url": "https://csaf.arubanetworking.hpe.com/2026/hpe_aruba_networking_-_hpesbnw05048.txt"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW05049",
"url": "https://csaf.arubanetworking.hpe.com/2026/hpe_aruba_networking_-_hpesbnw05049.txt"
}
]
}
CVE-2026-44856 (GCVE-0-2026-44856)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:00 – Updated: 2026-05-13 17:50
VLAI?
EPSS
Title
Authenticated Stack-Based Buffer Overflow in PAPI Services
Summary
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44856",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T17:50:13.939286Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:50:31.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eStack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.\u003c/p\u003e"
}
],
"value": "Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:00:02.478Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "EXTERNAL"
},
"title": "Authenticated Stack-Based Buffer Overflow in PAPI Services",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44856",
"datePublished": "2026-05-12T19:00:02.478Z",
"dateReserved": "2026-05-07T21:29:03.734Z",
"dateUpdated": "2026-05-13T17:50:31.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44872 (GCVE-0-2026-44872)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:18 – Updated: 2026-05-15 20:04
VLAI?
EPSS
Title
Authenticated Arbitrary File Upload via Command Injection in AOS-8 AND AOS-10 Web-Based Management Interface
Summary
A command injection vulnerability exists in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to place arbitrary files on the underlying filesystem of the affected device.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44872",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T12:34:34.342030Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T20:04:56.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA command injection vulnerability exists in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to place arbitrary files on the underlying filesystem of the affected device.\u003c/p\u003e"
}
],
"value": "A command injection vulnerability exists in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to place arbitrary files on the underlying filesystem of the affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:18:16.627Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Upload via Command Injection in AOS-8 AND AOS-10 Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44872",
"datePublished": "2026-05-12T19:18:16.627Z",
"dateReserved": "2026-05-07T21:29:22.243Z",
"dateUpdated": "2026-05-15T20:04:56.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44853 (GCVE-0-2026-44853)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:56 – Updated: 2026-05-13 15:35
VLAI?
EPSS
Title
Authenticated Remote Code Execution via Arbitrary File Write in AOS-8 and AOS-10 Web-Based Management Interface
Summary
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote code execution as a privileged user.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.8.0.0 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44853",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T15:34:49.727263Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T15:35:40.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCommand injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote code execution as a privileged user.\u003c/p\u003e"
}
],
"value": "Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote code execution as a privileged user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:56:48.717Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Remote Code Execution via Arbitrary File Write in AOS-8 and AOS-10 Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44853",
"datePublished": "2026-05-12T18:56:48.717Z",
"dateReserved": "2026-05-07T21:29:03.734Z",
"dateUpdated": "2026-05-13T15:35:40.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44860 (GCVE-0-2026-44860)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:05 – Updated: 2026-05-13 17:57
VLAI?
EPSS
Title
Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems
Summary
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44860",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T17:57:14.715835Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:57:40.202Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:05:21.357Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44860",
"datePublished": "2026-05-12T19:05:21.357Z",
"dateReserved": "2026-05-07T21:29:03.734Z",
"dateUpdated": "2026-05-13T17:57:40.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23819 (GCVE-0-2026-23819)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:31 – Updated: 2026-05-12 19:31
VLAI?
EPSS
Title
Error in SSID Processing allows Stored XSS in Web Management Interface
Summary
A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an attacker to compromise user data and potentially manipulate device configuration settings.
Severity ?
8.8 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) Affected: 8.13.0.0 , ≤ 8.13.1.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) |
Credits
Michael Messner
Benedikt Kuehne
Caio Adler Goncalves Farias
Siemens Energy
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T19:30:46.532539Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:31:00.149Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Michael Messner"
},
{
"lang": "en",
"type": "reporter",
"value": "Benedikt Kuehne"
},
{
"lang": "en",
"type": "reporter",
"value": "Caio Adler Goncalves Farias"
},
{
"lang": "en",
"type": "sponsor",
"value": "Siemens Energy"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim\u0027s browser within the same local network. Successful exploitation could allow an attacker to compromise user data and potentially manipulate device configuration settings.\u003c/p\u003e"
}
],
"value": "A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim\u0027s browser within the same local network. Successful exploitation could allow an attacker to compromise user data and potentially manipulate device configuration settings."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:31:33.726Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05049en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05049",
"discovery": "EXTERNAL"
},
"title": "Error in SSID Processing allows Stored XSS in Web Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23819",
"datePublished": "2026-05-12T18:31:33.726Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-12T19:31:00.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44861 (GCVE-0-2026-44861)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:06 – Updated: 2026-05-13 17:58
VLAI?
EPSS
Title
Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems
Summary
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44861",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T17:58:00.302996Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:58:29.693Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:07:07.251Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44861",
"datePublished": "2026-05-12T19:06:35.878Z",
"dateReserved": "2026-05-07T21:29:07.696Z",
"dateUpdated": "2026-05-13T17:58:29.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23820 (GCVE-0-2026-23820)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:34 – Updated: 2026-05-13 03:58
VLAI?
EPSS
Title
Inconsistent input filtering allows Authenticated Command Injection in AOS-8 Instant and AOS-10 CLI
Summary
A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) Affected: 8.13.0.0 , ≤ 8.13.1.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) |
Credits
This vulnerability was discovered and reported by moonv through HPE Aruba Networking's Bug Bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:39.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking\u0027s Bug Bounty program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:34:34.107Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05049en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05049",
"discovery": "INTERNAL"
},
"title": "Inconsistent input filtering allows Authenticated Command Injection in AOS-8 Instant and AOS-10 CLI",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23820",
"datePublished": "2026-05-12T18:34:34.107Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-13T03:58:39.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44869 (GCVE-0-2026-44869)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:15 – Updated: 2026-05-13 14:31
VLAI?
EPSS
Title
Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10
Summary
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44869",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T12:36:33.096470Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T14:31:32.668Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCommand injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:15:50.763Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44869",
"datePublished": "2026-05-12T19:15:50.763Z",
"dateReserved": "2026-05-07T21:29:07.697Z",
"dateUpdated": "2026-05-13T14:31:32.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23823 (GCVE-0-2026-23823)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:38 – Updated: 2026-05-13 03:58
VLAI?
EPSS
Title
Authenticated Command Injection leads to RCE in AOS-10 CLI Command
Summary
A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
NOTE: This vulnerability only impacts Access Points running AOS-10.7.x.x and above. AOS-10.4 AP and AOS-8 Instant software branches are not affected by this vulnerability.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) |
Credits
This vulnerability was discovered and reported by erikdejong through HPE Aruba Networking's Bug Bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:36.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "This vulnerability was discovered and reported by erikdejong through HPE Aruba Networking\u0027s Bug Bounty program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.\u003cbr\u003e\u003cbr\u003eNOTE: This vulnerability only impacts Access Points running AOS-10.7.x.x and above. AOS-10.4 AP and AOS-8 Instant software branches are not affected by this vulnerability.\u003c/p\u003e"
}
],
"value": "A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.\n\nNOTE: This vulnerability only impacts Access Points running AOS-10.7.x.x and above. AOS-10.4 AP and AOS-8 Instant software branches are not affected by this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:38:44.771Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05049en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05049",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection leads to RCE in AOS-10 CLI Command",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23823",
"datePublished": "2026-05-12T18:38:44.771Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-13T03:58:36.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44855 (GCVE-0-2026-44855)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:59 – Updated: 2026-05-13 17:49
VLAI?
EPSS
Title
Authenticated Stack-Based Buffer Overflow in PAPI Services
Summary
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44855",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T17:49:00.283210Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:49:35.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eStack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.\u003c/p\u003e"
}
],
"value": "Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:59:11.553Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Stack-Based Buffer Overflow in PAPI Services",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44855",
"datePublished": "2026-05-12T18:59:11.553Z",
"dateReserved": "2026-05-07T21:29:03.734Z",
"dateUpdated": "2026-05-13T17:49:35.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23827 (GCVE-0-2026-23827)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:54 – Updated: 2026-05-13 15:41
VLAI?
EPSS
Title
Unauthenticated Remote Code Execution via Heap Buffer Overflow in Network Management Service
Summary
A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged user on the underlying operating system, potentially leading to a system compromise. Exploitation may also result in a denial-of-service (DoS) condition affecting the impacted system process.
Severity ?
7.5 (High)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.8.0.0 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
n3k
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23827",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T15:41:35.392668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T15:41:39.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "n3k"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged user on the underlying operating system, potentially leading to a system compromise. Exploitation may also result in a denial-of-service (DoS) condition affecting the impacted system process.\u003c/p\u003e"
}
],
"value": "A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged user on the underlying operating system, potentially leading to a system compromise. Exploitation may also result in a denial-of-service (DoS) condition affecting the impacted system process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:54:47.364Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Unauthenticated Remote Code Execution via Heap Buffer Overflow in Network Management Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23827",
"datePublished": "2026-05-12T18:54:47.364Z",
"dateReserved": "2026-01-16T15:22:49.225Z",
"dateUpdated": "2026-05-13T15:41:39.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44858 (GCVE-0-2026-44858)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:03 – Updated: 2026-05-13 18:00
VLAI?
EPSS
Title
Authenticated Stack-Based Buffer Overflow in PAPI Services
Summary
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44858",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T17:59:44.898562Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T18:00:18.204Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eStack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.\u003c/p\u003e"
}
],
"value": "Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:03:39.670Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Stack-Based Buffer Overflow in PAPI Services",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44858",
"datePublished": "2026-05-12T19:03:39.670Z",
"dateReserved": "2026-05-07T21:29:03.734Z",
"dateUpdated": "2026-05-13T18:00:18.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23821 (GCVE-0-2026-23821)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:35 – Updated: 2026-05-13 03:58
VLAI?
EPSS
Title
Inconsistent input filtering allows Authenticated Command Injection in AOS-10 CLI
Summary
A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
Note: Access Points running AOS-8 Instant software are not affected by this vulnerability.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
This vulnerability was discovered and reported by moonv through HPE Aruba Networking's Bug Bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:38.032Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking\u0027s Bug Bounty program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.\u003cbr\u003e\u003cbr\u003eNote: Access Points running AOS-8 Instant software are not affected by this vulnerability.\u003c/p\u003e"
}
],
"value": "A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.\n\nNote: Access Points running AOS-8 Instant software are not affected by this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:35:34.806Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05049en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05049",
"discovery": "INTERNAL"
},
"title": "Inconsistent input filtering allows Authenticated Command Injection in AOS-10 CLI",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23821",
"datePublished": "2026-05-12T18:35:34.806Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-13T03:58:38.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44866 (GCVE-0-2026-44866)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:12 – Updated: 2026-05-13 14:18
VLAI?
EPSS
Title
Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10
Summary
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
moonv
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44866",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T14:18:35.300735Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T14:18:58.399Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "moonv"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCommand injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:12:47.890Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44866",
"datePublished": "2026-05-12T19:12:47.890Z",
"dateReserved": "2026-05-07T21:29:07.697Z",
"dateUpdated": "2026-05-13T14:18:58.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44873 (GCVE-0-2026-44873)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:19 – Updated: 2026-05-15 20:06
VLAI?
EPSS
Title
Insufficient Session Invalidation on User Account Deactivation in AOS-8 Operating System
Summary
A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled. Existing sessions are not invalidated when credentials are revoked, enabling continued access until session expiration. An attacker with compromised credentials could exploit this behavior to maintain unauthorized access even after the account has been disabled.
Severity ?
5.4 (Medium)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) |
Credits
0x50d
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44873",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T19:47:14.121440Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T20:06:05.460Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "0x50d"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled. Existing sessions are not invalidated when credentials are revoked, enabling continued access until session expiration. An attacker with compromised credentials could exploit this behavior to maintain unauthorized access even after the account has been disabled.\u003c/p\u003e"
}
],
"value": "A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled. Existing sessions are not invalidated when credentials are revoked, enabling continued access until session expiration. An attacker with compromised credentials could exploit this behavior to maintain unauthorized access even after the account has been disabled."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:19:59.595Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Insufficient Session Invalidation on User Account Deactivation in AOS-8 Operating System",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44873",
"datePublished": "2026-05-12T19:19:59.595Z",
"dateReserved": "2026-05-07T21:29:22.243Z",
"dateUpdated": "2026-05-15T20:06:05.460Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44863 (GCVE-0-2026-44863)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:09 – Updated: 2026-05-13 17:52
VLAI?
EPSS
Title
Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems
Summary
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44863",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T17:52:43.405659Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:52:56.389Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:09:19.516Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44863",
"datePublished": "2026-05-12T19:09:19.516Z",
"dateReserved": "2026-05-07T21:29:07.696Z",
"dateUpdated": "2026-05-13T17:52:56.389Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44867 (GCVE-0-2026-44867)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:13 – Updated: 2026-05-14 12:28
VLAI?
EPSS
Title
Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10
Summary
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44867",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-14T12:27:57.803964Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T12:28:01.656Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCommand injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:13:41.797Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44867",
"datePublished": "2026-05-12T19:13:41.797Z",
"dateReserved": "2026-05-07T21:29:07.697Z",
"dateUpdated": "2026-05-14T12:28:01.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44862 (GCVE-0-2026-44862)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:08 – Updated: 2026-05-13 17:56
VLAI?
EPSS
Title
Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems
Summary
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44862",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T17:55:35.526849Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:56:05.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:08:40.569Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44862",
"datePublished": "2026-05-12T19:08:16.219Z",
"dateReserved": "2026-05-07T21:29:07.696Z",
"dateUpdated": "2026-05-13T17:56:05.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44854 (GCVE-0-2026-44854)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:58 – Updated: 2026-05-13 17:47
VLAI?
EPSS
Title
Authenticated Remote Code Execution via Arbitrary File Write in AOS-8 and AOS-10 Web-Based Management Interface
Summary
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote code execution as a privileged user.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.8.0.0 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
LIUPENG
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44854",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T17:46:57.839732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:47:55.053Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LIUPENG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCommand injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote code execution as a privileged user.\u003c/p\u003e"
}
],
"value": "Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote code execution as a privileged user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:58:19.086Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Remote Code Execution via Arbitrary File Write in AOS-8 and AOS-10 Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44854",
"datePublished": "2026-05-12T18:58:19.086Z",
"dateReserved": "2026-05-07T21:29:03.734Z",
"dateUpdated": "2026-05-13T17:47:55.053Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23824 (GCVE-0-2026-23824)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:51 – Updated: 2026-05-12 21:10
VLAI?
EPSS
Title
Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component
Summary
Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
n3k
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T21:09:44.777897Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T21:10:11.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "n3k"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eVulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition.\u003c/p\u003e"
}
],
"value": "Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:51:54.519Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23824",
"datePublished": "2026-05-12T18:51:54.519Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-12T21:10:11.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44874 (GCVE-0-2026-44874)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:19 – Updated: 2026-05-15 20:05
VLAI?
EPSS
Title
Authenticated Arbitrary File Download via AOS-10 Web-Based Management Interface
Summary
A vulnerability exists in the web-based management interface of an AOS-10 Gateway that could allow an authenticated remote attacker to access sensitive files on the underlying operating system. Successful exploitation of this vulnerability could result in the disclosure of confidential system information, potentially enabling further attacks against the affected device.
Severity ?
4.9 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.2.2
(semver)
Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44874",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T19:49:05.874201Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T20:05:06.617Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability exists in the web-based management interface of an AOS-10 Gateway that could allow an authenticated remote attacker to access sensitive files on the underlying operating system. Successful exploitation of this vulnerability could result in the disclosure of confidential system information, potentially enabling further attacks against the affected device.\u003c/p\u003e"
}
],
"value": "A vulnerability exists in the web-based management interface of an AOS-10 Gateway that could allow an authenticated remote attacker to access sensitive files on the underlying operating system. Successful exploitation of this vulnerability could result in the disclosure of confidential system information, potentially enabling further attacks against the affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:19:25.459Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download via AOS-10 Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44874",
"datePublished": "2026-05-12T19:19:25.459Z",
"dateReserved": "2026-05-07T21:29:22.243Z",
"dateUpdated": "2026-05-15T20:05:06.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44859 (GCVE-0-2026-44859)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:04 – Updated: 2026-05-13 17:59
VLAI?
EPSS
Title
Authenticated Stack-Based Buffer Overflow in PAPI Services
Summary
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44859",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T17:59:07.623243Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:59:27.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eStack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.\u003c/p\u003e"
}
],
"value": "Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:04:20.861Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Stack-Based Buffer Overflow in PAPI Services",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44859",
"datePublished": "2026-05-12T19:04:20.861Z",
"dateReserved": "2026-05-07T21:29:03.734Z",
"dateUpdated": "2026-05-13T17:59:27.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44852 (GCVE-0-2026-44852)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:55 – Updated: 2026-05-15 20:05
VLAI?
EPSS
Title
Authenticated Remote Code Execution via Arbitrary File Overwrite in the AOS-8 and AOS-10 Web-Based Management Interface
Summary
An authenticated remote code execution vulnerability exists in the AOS-8 and AOS-10 web-based management interface. A vulnerability in the certificate download functionality could allow an authenticated remote attacker to overwrite arbitrary files on the underlying operating system by exploiting improper input validation in the file path parameter. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system as a privileged user.
Severity ?
7.2 (High)
CWE
- CWE-296 - Improper Following of a Certificate's Chain of Trust
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.8.0.0 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44852",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T15:24:42.503798Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "CWE-296 Improper Following of a Certificate\u0027s Chain of Trust",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T20:05:53.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn authenticated remote code execution vulnerability exists in the AOS-8 and AOS-10 web-based management interface. A vulnerability in the certificate download functionality could allow an authenticated remote attacker to overwrite arbitrary files on the underlying operating system by exploiting improper input validation in the file path parameter. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system as a privileged user.\u003c/p\u003e"
}
],
"value": "An authenticated remote code execution vulnerability exists in the AOS-8 and AOS-10 web-based management interface. A vulnerability in the certificate download functionality could allow an authenticated remote attacker to overwrite arbitrary files on the underlying operating system by exploiting improper input validation in the file path parameter. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system as a privileged user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:55:53.008Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Remote Code Execution via Arbitrary File Overwrite in the AOS-8 and AOS-10 Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44852",
"datePublished": "2026-05-12T18:55:53.008Z",
"dateReserved": "2026-05-07T21:29:03.734Z",
"dateUpdated": "2026-05-15T20:05:53.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44857 (GCVE-0-2026-44857)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:02 – Updated: 2026-05-13 18:02
VLAI?
EPSS
Title
Authenticated Stack-Based Buffer Overflow in PAPI Services
Summary
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44857",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T18:01:48.302064Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T18:02:04.629Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eStack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system.\u003c/p\u003e"
}
],
"value": "Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:02:40.543Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Stack-Based Buffer Overflow in PAPI Services",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44857",
"datePublished": "2026-05-12T19:02:40.543Z",
"dateReserved": "2026-05-07T21:29:03.734Z",
"dateUpdated": "2026-05-13T18:02:04.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44865 (GCVE-0-2026-44865)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:12 – Updated: 2026-05-13 17:51
VLAI?
EPSS
Title
Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10
Summary
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
moonv
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44865",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T17:51:36.298755Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:51:52.118Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "moonv"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCommand injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:12:00.613Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44865",
"datePublished": "2026-05-12T19:12:00.613Z",
"dateReserved": "2026-05-07T21:29:07.697Z",
"dateUpdated": "2026-05-13T17:51:52.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44868 (GCVE-0-2026-44868)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:15 – Updated: 2026-05-14 12:28
VLAI?
EPSS
Title
Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10
Summary
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44868",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-14T12:28:48.306849Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-14T12:28:51.490Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCommand injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:15:05.027Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44868",
"datePublished": "2026-05-12T19:15:05.027Z",
"dateReserved": "2026-05-07T21:29:07.697Z",
"dateUpdated": "2026-05-14T12:28:51.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23826 (GCVE-0-2026-23826)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:53 – Updated: 2026-05-13 15:45
VLAI?
EPSS
Title
Unauthenticated Denial of Service in AOS-8 Network Management Service
Summary
A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitation could cause the affected service process to terminate unexpectedly, disrupting normal device operations.
Severity ?
7.5 (High)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) |
Credits
n3k
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23826",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T15:45:15.478850Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T15:45:23.514Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "n3k"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitation could cause the affected service process to terminate unexpectedly, disrupting normal device operations. \u003c/p\u003e"
}
],
"value": "A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitation could cause the affected service process to terminate unexpectedly, disrupting normal device operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:53:47.735Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Unauthenticated Denial of Service in AOS-8 Network Management Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23826",
"datePublished": "2026-05-12T18:53:47.735Z",
"dateReserved": "2026-01-16T15:22:49.225Z",
"dateUpdated": "2026-05-13T15:45:23.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44870 (GCVE-0-2026-44870)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:16 – Updated: 2026-05-13 15:52
VLAI?
EPSS
Title
Authenticated Command Injection Vulnerabilities in Command Line Interface (CLI) Service Accessed by PAPI Protocol of AOS-8 and AOS-10 Operating Systems
Summary
Command injection vulnerabilities exist in the command line interface (CLI) service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44870",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T19:35:28.552532Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T15:52:39.148Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCommand injection vulnerabilities exist in the command line interface (CLI) service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "Command injection vulnerabilities exist in the command line interface (CLI) service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:16:36.732Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerabilities in Command Line Interface (CLI) Service Accessed by PAPI Protocol of AOS-8 and AOS-10 Operating Systems",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44870",
"datePublished": "2026-05-12T19:16:36.732Z",
"dateReserved": "2026-05-07T21:29:07.697Z",
"dateUpdated": "2026-05-13T15:52:39.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23822 (GCVE-0-2026-23822)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:37 – Updated: 2026-05-12 19:25
VLAI?
EPSS
Title
Unauthenticated XML External Entity Injection in AOS-8 Instant allows Denial of Service
Summary
A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruption or reduced availability of the affected system.
NOTE: This vulnerability only impacts Access Points running AOS Instant 8.x.x.x
Severity ?
5.3 (Medium)
CWE
- CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) |
Credits
Nicholas Starke
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T19:25:52.086668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-776",
"description": "CWE-776 Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:25:55.101Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Nicholas Starke"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruption or reduced availability of the affected system.\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003eNOTE: This vulnerability only impacts Access Points running AOS Instant 8.x.x.x\u003c/p\u003e"
}
],
"value": "A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruption or reduced availability of the affected system.\n\n\n\n\n\n\n\n\nNOTE: This vulnerability only impacts Access Points running AOS Instant 8.x.x.x"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:37:08.787Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05049en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05049",
"discovery": "INTERNAL"
},
"title": "Unauthenticated XML External Entity Injection in AOS-8 Instant allows Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23822",
"datePublished": "2026-05-12T18:37:08.787Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-12T19:25:55.101Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44864 (GCVE-0-2026-44864)
Vulnerability from cvelistv5 – Published: 2026-05-12 19:11 – Updated: 2026-05-13 17:52
VLAI?
EPSS
Title
Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems
Summary
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.8.0.0 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44864",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T17:52:07.035233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T17:52:21.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:11:09.840Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44864",
"datePublished": "2026-05-12T19:11:09.840Z",
"dateReserved": "2026-05-07T21:29:07.696Z",
"dateUpdated": "2026-05-13T17:52:21.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23825 (GCVE-0-2026-23825)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:52 – Updated: 2026-05-13 16:02
VLAI?
EPSS
Title
Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component
Summary
Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition.
Severity ?
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
n3k
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23825",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T16:02:06.659523Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T16:02:23.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "n3k"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eVulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition.\u003c/p\u003e"
}
],
"value": "Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:52:50.232Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23825",
"datePublished": "2026-05-12T18:52:50.232Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-13T16:02:23.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…