CERTFR-2025-AVI-0294
Vulnerability from certfr_avis - Published: - Updated:
Multiple vulnerabilities have been discovered in HPE Aruba Networking products. Some of them allow an attacker to cause remote arbitrary code execution, a breach of data confidentiality and a breach of data integrity.
Solutions
Refer to the vendor's security bulletin to obtain the fixes (see the Documentation section).
The vendor states that versions AOS-10 AP 10.6.x, AOS-10 AP 10.5.x, AOS-10 AP 10.3.x, AOS-8 Instant 8.11.x, AOS-8 Instant 8.9.x, AOS-8 Instant 8.8.x, AOS-8 Instant 8.7.x, AOS-8 Instant 8.6.x, AOS-8 Instant 8.5.x, AOS-8 Instant 8.4.x, AOS Instant 6.5.x and AOS Instant 6.4.x are affected but will not receive security fixes.
| Vendor | Product | Description |
|---|---|---|
| HPE Aruba Networking | AOS | AOS-8 Instant versions 8.12.x prior to 8.12.0.4 |
| HPE Aruba Networking | AOS | AOS-10 AP versions 10.7.x prior to 10.7.0.2 |
| HPE Aruba Networking | AOS | AOS-8 Instant versions 8.10.x prior to 8.10.0.16 |
| HPE Aruba Networking | AOS | AOS-10 AP versions 10.4.x prior to 10.4.1.6 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AOS-8 Instant versions 8.12.x ant\u00e9rieures \u00e0 8.12.0.4",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "AOS-10 AP versions 10.7.x ant\u00e9rieures \u00e0 10.7.0.2",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "AOS-8 Instant versions 8.10.x ant\u00e9rieures \u00e0 8.10.0.16",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "AOS-10 AP versions 10.4.x ant\u00e9rieures \u00e0 10.4.1.6",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
}
],
"affected_systems_content": "L\u0027\u00e9diteur indique que les versions AOS-10 AP 10.6.x, AOS-10 AP 10.5.x, AOS-10 AP 10.3.x, AOS-8 Instant 8.11.x, AOS-8 Instant 8.9.x, AOS-8 Instant 8.8.x, AOS-8 Instant 8.7.x, AOS-8 Instant 8.6.x, AOS-8 Instant 8.5.x, AOS-8 Instant 8.4.x, AOS Instant 6.5.x et AOS Instant 6.4.x sont affect\u00e9es mais ne b\u00e9n\u00e9ficieront pas de correctifs de s\u00e9curit\u00e9.",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-27085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27085"
},
{
"name": "CVE-2025-27079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27079"
},
{
"name": "CVE-2025-27083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27083"
},
{
"name": "CVE-2025-27078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27078"
},
{
"name": "CVE-2025-27084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27084"
},
{
"name": "CVE-2025-27082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27082"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0294",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-09T00:00:00.000000"
},
{
"description": "Modification des syst\u00e8mes affect\u00e9s",
"revision_date": "2025-04-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits HPE Aruba Networking. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits HPE Aruba Networking",
"vendor_advisories": [
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW04844",
"url": "https://csaf.arubanetworks.com/2025/hpe_aruba_networking_-_hpesbnw04844.txt"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW04845",
"url": "https://csaf.arubanetworks.com/2025/hpe_aruba_networking_-_hpesbnw04845.txt"
}
]
}
CVE-2025-27079 (GCVE-0-2025-27079)
Vulnerability from cvelistv5 – Published: 2025-04-08 15:57 – Updated: 2025-04-09 04:00
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

| Vendor | Product | Version |
|---|---|---|
| Hewlett Packard Enterprise (HPE) | AOS-10 AP | Affected: 10.7.0.0, ≤ 10.7.0.1 (semver); Affected: 10.4.0.0, ≤ 10.4.1.5 (semver); Affected: 8.12.0.0, ≤ 8.12.0.3 (semver); Affected: 8.10.0.0, ≤ 8.10.0.15 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27079",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T04:00:48.360Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AOS-10 AP",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.0.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.5",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.3",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.15",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ZZ from Moonlight Bug Hunter"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the file creation process on the command line interface of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to perform remote code execution (RCE). Successful exploitation could allow an attacker to execute arbitrary operating system commands on the underlying operating system leading to potential system compromise.\u003c/p\u003e"
}
],
"value": "A vulnerability in the file creation process on the command line interface of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to perform remote code execution (RCE). Successful exploitation could allow an attacker to execute arbitrary operating system commands on the underlying operating system leading to potential system compromise."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T15:57:33.673Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04844en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04844",
"discovery": "EXTERNAL"
},
"title": "Arbitrary File Creation vulnerability allows for Authenticated Remote Code Execution in CLI Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-27079",
"datePublished": "2025-04-08T15:57:33.673Z",
"dateReserved": "2025-02-18T14:05:41.921Z",
"dateUpdated": "2025-04-09T04:00:48.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27083 (GCVE-0-2025-27083)
Vulnerability from cvelistv5 – Published: 2025-04-08 16:26 – Updated: 2025-04-09 17:44
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

| Vendor | Product | Version |
|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS | Affected: 10.7.0.0, ≤ 10.7.1.0 (semver); Affected: 10.4.0.0, ≤ 10.4.1.6 (semver); Affected: 8.12.0.0, ≤ 8.12.0.3 (semver); Affected: 8.10.0.0, ≤ 8.10.0.15 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27083",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T17:42:40.127838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T17:44:13.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HPE Aruba Networking AOS",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.0",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.6",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.3",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.15",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ZZ from Moonlight Bug Hunter"
},
{
"lang": "en",
"type": "finder",
"value": "LIUPENG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Authenticated command injection vulnerabilities exist in the AOS-10 GW and AOS-8 Controller/Mobility Conductor web-based management interface. Successful exploitation of these vulnerabilities allows an Authenticated attacker to execute arbitrary commands as a privileged user on the underlying operating system.\u003cbr\u003e"
}
],
"value": "Authenticated command injection vulnerabilities exist in the AOS-10 GW and AOS-8 Controller/Mobility Conductor web-based management interface. Successful exploitation of these vulnerabilities allows an Authenticated attacker to execute arbitrary commands as a privileged user on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T16:26:50.920Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04845",
"discovery": "EXTERNAL"
},
"title": "Authenticated Command Injection Vulnerabilities in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-27083",
"datePublished": "2025-04-08T16:26:50.920Z",
"dateReserved": "2025-02-18T14:05:41.921Z",
"dateUpdated": "2025-04-09T17:44:13.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27084 (GCVE-0-2025-27084)
Vulnerability from cvelistv5 – Published: 2025-04-08 16:32 – Updated: 2025-04-09 17:44
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

| Vendor | Product | Version |
|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS | Affected: 10.7.0.0, ≤ 10.7.1.0 (semver); Affected: 10.4.0.0, ≤ 10.4.1.6 (semver); Affected: 8.12.0.0, ≤ 8.12.0.3 (semver); Affected: 8.10.0.0, ≤ 8.10.0.15 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27084",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T17:44:41.072819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T17:44:59.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HPE Aruba Networking AOS",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.0",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.6",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.3",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.15",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack. Successful exploitation could enable the attacker to execute arbitrary script code in the victim\u0027s browser within the context of the affected interface.\u003cbr\u003e"
}
],
"value": "A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack. Successful exploitation could enable the attacker to execute arbitrary script code in the victim\u0027s browser within the context of the affected interface."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T16:33:09.252Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04845",
"discovery": "INTERNAL"
},
"title": "Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal (CP) of an AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-27084",
"datePublished": "2025-04-08T16:32:46.764Z",
"dateReserved": "2025-02-18T14:05:41.921Z",
"dateUpdated": "2025-04-09T17:44:59.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27078 (GCVE-0-2025-27078)
Vulnerability from cvelistv5 – Published: 2025-04-08 15:57 – Updated: 2025-04-09 04:00
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

| Vendor | Product | Version |
|---|---|---|
| Hewlett Packard Enterprise (HPE) | AOS-10 AP | Affected: 10.7.0.0, ≤ 10.7.0.1 (semver); Affected: 10.4.0.0, ≤ 10.4.1.5 (semver); Affected: 8.12.0.0, ≤ 8.12.0.3 (semver); Affected: 8.10.0.0, ≤ 8.10.0.15 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27078",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T04:00:46.758Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AOS-10 AP",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.0.1",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.5",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.3",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.15",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ZZ from Moonlight Bug Hunter"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in a system binary of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to inject commands into the underlying operating system while using the CLI. Successful exploitation could lead to complete system compromise.\u003c/p\u003e"
}
],
"value": "A vulnerability in a system binary of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to inject commands into the underlying operating system while using the CLI. Successful exploitation could lead to complete system compromise."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T15:57:02.519Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04844en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04844",
"discovery": "EXTERNAL"
},
"title": "Authenticated Remote Command Execution caused by Insecure Function Usage in System Binary",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-27078",
"datePublished": "2025-04-08T15:57:02.519Z",
"dateReserved": "2025-02-18T14:05:41.921Z",
"dateUpdated": "2025-04-09T04:00:46.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27085 (GCVE-0-2025-27085)
Vulnerability from cvelistv5 – Published: 2025-04-08 16:29 – Updated: 2025-04-09 17:45
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

| Vendor | Product | Version |
|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS | Affected: 10.7.0.0, ≤ 10.7.1.0 (semver); Affected: 10.4.0.0, ≤ 10.4.1.6 (semver); Affected: 8.12.0.0, ≤ 8.12.0.3 (semver); Affected: 8.10.0.0, ≤ 8.10.0.15 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27085",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T17:45:19.244397Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T17:45:48.190Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HPE Aruba Networking AOS",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.0",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.6",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.3",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.15",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ZZ from Moonlight Bug Hunter"
},
{
"lang": "en",
"type": "finder",
"value": "LIUPENG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Multiple vulnerabilities exist in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. \u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Multiple vulnerabilities exist in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T16:29:25.829Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04845",
"discovery": "EXTERNAL"
},
"title": "Arbitrary File Download Vulnerabilities in Web-Based Management Interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-27085",
"datePublished": "2025-04-08T16:29:25.829Z",
"dateReserved": "2025-02-18T14:05:41.921Z",
"dateUpdated": "2025-04-09T17:45:48.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27082 (GCVE-0-2025-27082)
Vulnerability from cvelistv5 – Published: 2025-04-08 16:22 – Updated: 2025-04-09 04:00
- CWE-434 - Unrestricted Upload of File with Dangerous Type

| Vendor | Product | Version |
|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS | Affected: 10.7.0.0, ≤ 10.7.1.0 (semver); Affected: 10.4.0.0, ≤ 10.4.1.6 (semver); Affected: 8.12.0.0, ≤ 8.12.0.3 (semver); Affected: 8.10.0.0, ≤ 8.10.0.15 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27082",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T04:00:50.324Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HPE Aruba Networking AOS",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.1.0",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.6",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.3",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.15",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ZZ from Moonlight Bug Hunter"
},
{
"lang": "en",
"type": "finder",
"value": "LIUPENG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Arbitrary File Write vulnerabilities exist in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated attacker to upload arbitrary files and execute arbitrary commands on the underlying host operating system.\u003cbr\u003e"
}
],
"value": "Arbitrary File Write vulnerabilities exist in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated attacker to upload arbitrary files and execute arbitrary commands on the underlying host operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T16:22:50.625Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04845en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04845",
"discovery": "EXTERNAL"
},
"title": "Authenticated Remote Code Execution Vulnerabilities in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface via Arbitrary File Write",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-27082",
"datePublished": "2025-04-08T16:22:50.625Z",
"dateReserved": "2025-02-18T14:05:41.921Z",
"dateUpdated": "2025-04-09T04:00:50.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.