Search criteria
34 vulnerabilities found for ArubaOS (AOS) by Hewlett Packard Enterprise (HPE)
CVE-2025-37145 (GCVE-0-2025-37145)
Vulnerability from cvelistv5 – Published: 2025-10-14 17:02 – Updated: 2025-10-15 13:26
VLAI?
Title
Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37145",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T13:26:17.654608Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:26:22.396Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T17:02:25.602Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37145",
"datePublished": "2025-10-14T17:02:25.602Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-15T13:26:22.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37144 (GCVE-0-2025-37144)
Vulnerability from cvelistv5 – Published: 2025-10-14 17:01 – Updated: 2025-10-15 13:33
VLAI?
Title
Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37144",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T13:33:18.489254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:33:21.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T17:01:50.715Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37144",
"datePublished": "2025-10-14T17:01:45.802Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-15T13:33:21.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37143 (GCVE-0-2025-37143)
Vulnerability from cvelistv5 – Published: 2025-10-14 17:00 – Updated: 2025-10-14 18:19
VLAI?
Title
Authenticated Arbitrary File Download Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web Interface (Physical Access Required)
Summary
An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
LIUPENG
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37143",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T18:17:44.685516Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T18:19:14.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LIUPENG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T17:00:24.490Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web Interface (Physical Access Required)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37143",
"datePublished": "2025-10-14T17:00:24.490Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T18:19:14.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37142 (GCVE-0-2025-37142)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:59 – Updated: 2025-10-14 19:27
VLAI?
Title
Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37142",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:27:07.734894Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:27:36.196Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:59:42.542Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37142",
"datePublished": "2025-10-14T16:59:42.542Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:27:36.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37141 (GCVE-0-2025-37141)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:59 – Updated: 2025-10-14 19:26
VLAI?
Title
Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37141",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:26:32.280411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:26:49.673Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:59:14.551Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37141",
"datePublished": "2025-10-14T16:59:14.551Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:26:49.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37140 (GCVE-0-2025-37140)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:58 – Updated: 2025-10-14 19:26
VLAI?
Title
Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37140",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:25:52.535303Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:26:15.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:58:41.022Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37140",
"datePublished": "2025-10-14T16:58:41.022Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:26:15.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37139 (GCVE-0-2025-37139)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:58 – Updated: 2025-10-14 19:25
VLAI?
Title
Vulnerability in AOS firmware allows for Authenticated Local malicious actor to Permanently Disable Boot
Summary
A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected hardware.
Severity ?
6 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
Nicholas Starke
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:25:18.837412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:25:30.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Nicholas Starke"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected hardware.\u003c/p\u003e"
}
],
"value": "A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected hardware."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:58:14.200Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Vulnerability in AOS firmware allows for Authenticated Local malicious actor to Permanently Disable Boot",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37139",
"datePublished": "2025-10-14T16:58:14.200Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:25:30.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37138 (GCVE-0-2025-37138)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:57 – Updated: 2025-10-14 19:24
VLAI?
Title
Authenticated Command Injection Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface (Physical Access Required)
Summary
An authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. Exploitation of this vulnerability requires physical access to the hardware controllers. A successful attack could allow an authenticated malicious actor with physical access to execute arbitrary commands as a privileged user on the underlying operating system.
Severity ?
6.2 (Medium)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37138",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:24:23.567629Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:24:40.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. Exploitation of this vulnerability requires physical access to the hardware controllers. A successful attack could allow an authenticated malicious actor with physical access to execute arbitrary commands as a privileged user on the underlying operating system.\u003c/p\u003e"
}
],
"value": "An authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. Exploitation of this vulnerability requires physical access to the hardware controllers. A successful attack could allow an authenticated malicious actor with physical access to execute arbitrary commands as a privileged user on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:57:50.910Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface (Physical Access Required)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37138",
"datePublished": "2025-10-14T16:57:50.910Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:24:40.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37137 (GCVE-0-2025-37137)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:57 – Updated: 2025-10-14 19:23
VLAI?
Title
Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)
Summary
Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.
Severity ?
6.5 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
LIUPENG
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37137",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:23:24.335394Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:23:51.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LIUPENG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.\u003c/p\u003e"
}
],
"value": "Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:57:32.140Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37137",
"datePublished": "2025-10-14T16:57:32.140Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:23:51.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37136 (GCVE-0-2025-37136)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:56 – Updated: 2025-10-14 19:22
VLAI?
Title
Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)
Summary
Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.
Severity ?
6.5 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:21:42.110280Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:22:49.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.\u003c/p\u003e"
}
],
"value": "Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:56:58.248Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37136",
"datePublished": "2025-10-14T16:56:58.248Z",
"dateReserved": "2025-04-16T01:28:25.367Z",
"dateUpdated": "2025-10-14T19:22:49.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37135 (GCVE-0-2025-37135)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:56 – Updated: 2025-10-14 19:20
VLAI?
Title
Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)
Summary
Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.
Severity ?
6.5 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:20:30.895297Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:20:58.042Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.\u003c/p\u003e"
}
],
"value": "Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:56:37.077Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37135",
"datePublished": "2025-10-14T16:56:37.077Z",
"dateReserved": "2025-04-16T01:28:25.367Z",
"dateUpdated": "2025-10-14T19:20:58.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37134 (GCVE-0-2025-37134)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:56 – Updated: 2025-10-16 03:56
VLAI?
Title
Authenticated Command Injection Vulnerability in the Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T03:56:58.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.\u003c/p\u003e"
}
],
"value": "An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:56:05.389Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerability in the Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37134",
"datePublished": "2025-10-14T16:56:05.389Z",
"dateReserved": "2025-04-16T01:28:25.367Z",
"dateUpdated": "2025-10-16T03:56:58.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37133 (GCVE-0-2025-37133)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:54 – Updated: 2025-10-16 03:56
VLAI?
Title
Authenticated Command Injection Vulnerability in AOS-8 Controller/Mobility Conductor Web-Based Management Interface via the CLI Binaryalong with accounting controls for tracking and logging user activities and resource usage.
Summary
An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T03:56:59.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.\u003c/p\u003e"
}
],
"value": "An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:54:36.030Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerability in AOS-8 Controller/Mobility Conductor Web-Based Management Interface via the CLI Binaryalong with accounting controls for tracking and logging user activities and resource usage.",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37133",
"datePublished": "2025-10-14T16:54:36.030Z",
"dateReserved": "2025-04-16T01:28:25.367Z",
"dateUpdated": "2025-10-16T03:56:59.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37132 (GCVE-0-2025-37132)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:53 – Updated: 2025-10-16 03:57
VLAI?
Title
Authenticated Remote Code Execution Vulnerability in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface via Arbitrary File Write
Summary
An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files and execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37132",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T03:57:00.939Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files and execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files and execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:53:16.724Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Remote Code Execution Vulnerability in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface via Arbitrary File Write",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37132",
"datePublished": "2025-10-14T16:53:16.724Z",
"dateReserved": "2025-04-16T01:28:25.367Z",
"dateUpdated": "2025-10-16T03:57:00.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37148 (GCVE-0-2025-37148)
Vulnerability from cvelistv5 – Published: 2025-10-14 16:43 – Updated: 2025-10-14 19:15
VLAI?
Title
Kernel Panic triggered by Modified Ethernet Frames leads to Denial of Service Vulnerability
Summary
A vulnerability in the parsing of ethernet frames in AOS-8 Instant and AOS 10 could allow an unauthenticated remote attacker to conduct a denial of service attack. Successful exploitation could allow an attacker to potentially disrupt network services and require manual intervention to restore functionality.
Severity ?
6.5 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
Colton Bachman
Nicholas Starke
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37148",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:14:28.108904Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:15:02.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Colton Bachman"
},
{
"lang": "en",
"type": "reporter",
"value": "Nicholas Starke"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the parsing of ethernet frames in AOS-8 Instant and AOS 10 could allow an unauthenticated remote attacker to conduct a denial of service attack. Successful exploitation could allow an attacker to potentially disrupt network services and require manual intervention to restore functionality.\u003c/p\u003e"
}
],
"value": "A vulnerability in the parsing of ethernet frames in AOS-8 Instant and AOS 10 could allow an unauthenticated remote attacker to conduct a denial of service attack. Successful exploitation could allow an attacker to potentially disrupt network services and require manual intervention to restore functionality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:43:35.134Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04958en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04958",
"discovery": "INTERNAL"
},
"title": "Kernel Panic triggered by Modified Ethernet Frames leads to Denial of Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37148",
"datePublished": "2025-10-14T16:43:35.134Z",
"dateReserved": "2025-04-16T01:28:25.369Z",
"dateUpdated": "2025-10-14T19:15:02.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37145 (GCVE-0-2025-37145)
Vulnerability from nvd – Published: 2025-10-14 17:02 – Updated: 2025-10-15 13:26
VLAI?
Title
Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37145",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T13:26:17.654608Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:26:22.396Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T17:02:25.602Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37145",
"datePublished": "2025-10-14T17:02:25.602Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-15T13:26:22.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37144 (GCVE-0-2025-37144)
Vulnerability from nvd – Published: 2025-10-14 17:01 – Updated: 2025-10-15 13:33
VLAI?
Title
Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37144",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T13:33:18.489254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T13:33:21.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T17:01:50.715Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37144",
"datePublished": "2025-10-14T17:01:45.802Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-15T13:33:21.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37143 (GCVE-0-2025-37143)
Vulnerability from nvd – Published: 2025-10-14 17:00 – Updated: 2025-10-14 18:19
VLAI?
Title
Authenticated Arbitrary File Download Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web Interface (Physical Access Required)
Summary
An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
LIUPENG
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37143",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T18:17:44.685516Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T18:19:14.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LIUPENG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T17:00:24.490Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web Interface (Physical Access Required)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37143",
"datePublished": "2025-10-14T17:00:24.490Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T18:19:14.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37142 (GCVE-0-2025-37142)
Vulnerability from nvd – Published: 2025-10-14 16:59 – Updated: 2025-10-14 19:27
VLAI?
Title
Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37142",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:27:07.734894Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:27:36.196Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:59:42.542Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37142",
"datePublished": "2025-10-14T16:59:42.542Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:27:36.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37141 (GCVE-0-2025-37141)
Vulnerability from nvd – Published: 2025-10-14 16:59 – Updated: 2025-10-14 19:26
VLAI?
Title
Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37141",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:26:32.280411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:26:49.673Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:59:14.551Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37141",
"datePublished": "2025-10-14T16:59:14.551Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:26:49.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37140 (GCVE-0-2025-37140)
Vulnerability from nvd – Published: 2025-10-14 16:58 – Updated: 2025-10-14 19:26
VLAI?
Title
Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.
Severity ?
4.9 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37140",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:25:52.535303Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:26:15.112Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.\u003c/p\u003e"
}
],
"value": "Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:58:41.022Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37140",
"datePublished": "2025-10-14T16:58:41.022Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:26:15.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37139 (GCVE-0-2025-37139)
Vulnerability from nvd – Published: 2025-10-14 16:58 – Updated: 2025-10-14 19:25
VLAI?
Title
Vulnerability in AOS firmware allows for Authenticated Local malicious actor to Permanently Disable Boot
Summary
A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected hardware.
Severity ?
6 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
Nicholas Starke
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:25:18.837412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:25:30.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Nicholas Starke"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected hardware.\u003c/p\u003e"
}
],
"value": "A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected hardware."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:58:14.200Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Vulnerability in AOS firmware allows for Authenticated Local malicious actor to Permanently Disable Boot",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37139",
"datePublished": "2025-10-14T16:58:14.200Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:25:30.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37138 (GCVE-0-2025-37138)
Vulnerability from nvd – Published: 2025-10-14 16:57 – Updated: 2025-10-14 19:24
VLAI?
Title
Authenticated Command Injection Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface (Physical Access Required)
Summary
An authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. Exploitation of this vulnerability requires physical access to the hardware controllers. A successful attack could allow an authenticated malicious actor with physical access to execute arbitrary commands as a privileged user on the underlying operating system.
Severity ?
6.2 (Medium)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37138",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:24:23.567629Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:24:40.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. Exploitation of this vulnerability requires physical access to the hardware controllers. A successful attack could allow an authenticated malicious actor with physical access to execute arbitrary commands as a privileged user on the underlying operating system.\u003c/p\u003e"
}
],
"value": "An authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. Exploitation of this vulnerability requires physical access to the hardware controllers. A successful attack could allow an authenticated malicious actor with physical access to execute arbitrary commands as a privileged user on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:57:50.910Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface (Physical Access Required)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37138",
"datePublished": "2025-10-14T16:57:50.910Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:24:40.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37137 (GCVE-0-2025-37137)
Vulnerability from nvd – Published: 2025-10-14 16:57 – Updated: 2025-10-14 19:23
VLAI?
Title
Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)
Summary
Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.
Severity ?
6.5 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
LIUPENG
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37137",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:23:24.335394Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:23:51.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "LIUPENG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.\u003c/p\u003e"
}
],
"value": "Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:57:32.140Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37137",
"datePublished": "2025-10-14T16:57:32.140Z",
"dateReserved": "2025-04-16T01:28:25.368Z",
"dateUpdated": "2025-10-14T19:23:51.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37136 (GCVE-0-2025-37136)
Vulnerability from nvd – Published: 2025-10-14 16:56 – Updated: 2025-10-14 19:22
VLAI?
Title
Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)
Summary
Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.
Severity ?
6.5 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:21:42.110280Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:22:49.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.\u003c/p\u003e"
}
],
"value": "Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:56:58.248Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37136",
"datePublished": "2025-10-14T16:56:58.248Z",
"dateReserved": "2025-04-16T01:28:25.367Z",
"dateUpdated": "2025-10-14T19:22:49.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37135 (GCVE-0-2025-37135)
Vulnerability from nvd – Published: 2025-10-14 16:56 – Updated: 2025-10-14 19:20
VLAI?
Title
Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)
Summary
Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.
Severity ?
6.5 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:20:30.895297Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:20:58.042Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.\u003c/p\u003e"
}
],
"value": "Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:56:37.077Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37135",
"datePublished": "2025-10-14T16:56:37.077Z",
"dateReserved": "2025-04-16T01:28:25.367Z",
"dateUpdated": "2025-10-14T19:20:58.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37134 (GCVE-0-2025-37134)
Vulnerability from nvd – Published: 2025-10-14 16:56 – Updated: 2025-10-16 03:56
VLAI?
Title
Authenticated Command Injection Vulnerability in the Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Summary
An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T03:56:58.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.\u003c/p\u003e"
}
],
"value": "An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:56:05.389Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerability in the Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37134",
"datePublished": "2025-10-14T16:56:05.389Z",
"dateReserved": "2025-04-16T01:28:25.367Z",
"dateUpdated": "2025-10-16T03:56:58.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37133 (GCVE-0-2025-37133)
Vulnerability from nvd – Published: 2025-10-14 16:54 – Updated: 2025-10-16 03:56
VLAI?
Title
Authenticated Command Injection Vulnerability in AOS-8 Controller/Mobility Conductor Web-Based Management Interface via the CLI Binaryalong with accounting controls for tracking and logging user activities and resource usage.
Summary
An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T03:56:59.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.\u003c/p\u003e"
}
],
"value": "An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:54:36.030Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection Vulnerability in AOS-8 Controller/Mobility Conductor Web-Based Management Interface via the CLI Binaryalong with accounting controls for tracking and logging user activities and resource usage.",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37133",
"datePublished": "2025-10-14T16:54:36.030Z",
"dateReserved": "2025-04-16T01:28:25.367Z",
"dateUpdated": "2025-10-16T03:56:59.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37132 (GCVE-0-2025-37132)
Vulnerability from nvd – Published: 2025-10-14 16:53 – Updated: 2025-10-16 03:57
VLAI?
Title
Authenticated Remote Code Execution Vulnerability in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface via Arbitrary File Write
Summary
An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files and execute arbitrary commands on the underlying operating system.
Severity ?
7.2 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
zzcentury from Ubisectech Sirius Team
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37132",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T03:57:00.939Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files and execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files and execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:53:16.724Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04957",
"discovery": "INTERNAL"
},
"title": "Authenticated Remote Code Execution Vulnerability in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface via Arbitrary File Write",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37132",
"datePublished": "2025-10-14T16:53:16.724Z",
"dateReserved": "2025-04-16T01:28:25.367Z",
"dateUpdated": "2025-10-16T03:57:00.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-37148 (GCVE-0-2025-37148)
Vulnerability from nvd – Published: 2025-10-14 16:43 – Updated: 2025-10-14 19:15
VLAI?
Title
Kernel Panic triggered by Modified Ethernet Frames leads to Denial of Service Vulnerability
Summary
A vulnerability in the parsing of ethernet frames in AOS-8 Instant and AOS 10 could allow an unauthenticated remote attacker to conduct a denial of service attack. Successful exploitation could allow an attacker to potentially disrupt network services and require manual intervention to restore functionality.
Severity ?
6.5 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.7.0.0 , ≤ 10.7.1.1
(semver)
Affected: 10.4.0.0 , ≤ 10.4.1.8 (semver) Affected: 8.13.0.0 , ≤ 8.13.0.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.5 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.18 (semver) |
Credits
Colton Bachman
Nicholas Starke
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37148",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-14T19:14:28.108904Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:15:02.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.8",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.0.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.5",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.18",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Colton Bachman"
},
{
"lang": "en",
"type": "reporter",
"value": "Nicholas Starke"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the parsing of ethernet frames in AOS-8 Instant and AOS 10 could allow an unauthenticated remote attacker to conduct a denial of service attack. Successful exploitation could allow an attacker to potentially disrupt network services and require manual intervention to restore functionality.\u003c/p\u003e"
}
],
"value": "A vulnerability in the parsing of ethernet frames in AOS-8 Instant and AOS 10 could allow an unauthenticated remote attacker to conduct a denial of service attack. Successful exploitation could allow an attacker to potentially disrupt network services and require manual intervention to restore functionality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T16:43:35.134Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04958en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04958",
"discovery": "INTERNAL"
},
"title": "Kernel Panic triggered by Modified Ethernet Frames leads to Denial of Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37148",
"datePublished": "2025-10-14T16:43:35.134Z",
"dateReserved": "2025-04-16T01:28:25.369Z",
"dateUpdated": "2025-10-14T19:15:02.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}