CVE-2025-37169 (GCVE-0-2025-37169)
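Vulnerability from cvelistv5 – Published: 2026-01-13 20:03 – Updated: 2026-02-26 15:04
- CWE-121 - Stack-based Buffer Overflow

| Vendor | Product | Version |
|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Affected: 10.6.0.0 , ≤ 10.7.2.1 (semver)<br>Affected: 10.3.0.0 , ≤ 10.4.1.9 (semver) |

Note: the NVD CPE configuration reproduced further down this page starts the upper range at 10.5.0.0 (up to, excluding, 10.7.2.2) rather than 10.6.0.0, so check 10.5.x deployments against the vendor advisory as well.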
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-14T04:57:41.468740Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:13.157Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "10.7.2.1",
"status": "affected",
"version": "10.6.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.9",
"status": "affected",
"version": "10.3.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury from Ubisectech Sirius Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system.\u003c/p\u003e"
}
],
"value": "A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T20:06:18.141Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04987en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW04987",
"discovery": "INTERNAL"
},
"title": "Stack Overflow Vulnerability in AOS-10 Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2025-37169",
"datePublished": "2026-01-13T20:03:33.822Z",
"dateReserved": "2025-04-16T01:28:25.376Z",
"dateUpdated": "2026-02-26T15:04:13.157Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-37169",
"date": "2026-05-20",
"epss": "0.00115",
"percentile": "0.29743"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-37169\",\"sourceIdentifier\":\"security-alert@hpe.com\",\"published\":\"2026-01-13T20:16:04.830\",\"lastModified\":\"2026-02-25T19:43:16.213\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-alert@hpe.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3.0.0\",\"versionEndExcluding\":\"10.4.1.10\",\"matchCriteriaId\":\"93E77EBB-E46E-47E5-ADD2-1BD80257B08B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.5.0.0\",\"versionEndExcluding\":\"10.7.2.2\",\"matchCriteriaId\":\"48B3A810-4DD3-403E-9A76-AB86EF7EA9D1\"}]}]}],\"references\":[{\"url\":\"https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04987en_us\u0026docLocale=en_US\",\"source\":\"securi
ty-alert@hpe.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2026-AVI-0042
Vulnerability from certfr_avis - Published: 2026-01-14 - Updated: 2026-01-14
De multiples vulnérabilités ont été découvertes dans les produits HPE Aruba Networking. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
L’éditeur précise que les versions ArubaOS 6.5.4.x, 8.6.x, 8.7.x, 8.8.x, 8.9.x, 8.11.x, 8.12.x, 10.3.x, 10.5.x, 10.6.x et SD-WAN 8.6.0.4-2.2.x, 8.7.0.0-2.3.0.x sont en fin de maintenance (EoM) et ne bénéficient plus de mises à jour de sécurité.

| Vendor | Product | Description |
|---|---|---|
| HPE Aruba Networking | Instant On | Instant On versions antérieures à 3.3.2.0 |
| HPE Aruba Networking | EdgeConnect SD-WAN Orchestrator | EdgeConnect SD-WAN Orchestrator versions antérieures à 9.5.6 |
| HPE Aruba Networking | Virtual Intranet Access | Virtual Intranet Access (VIA) versions antérieures à 4.7.6 |
| HPE Aruba Networking | EdgeConnect SD-WAN Orchestrator | EdgeConnect SD-WAN Orchestrator versions antérieures à 9.6.1 |
| HPE Aruba Networking | AOS | ArubaOS versions 10.7.x antérieures à 10.7.2.2 |
| HPE Aruba Networking | AOS | ArubaOS versions 8.10.x antérieures à 8.10.0.21 |
| HPE Aruba Networking | AOS | ArubaOS versions 10.4.x antérieures à 10.4.1.9 |
| HPE Aruba Networking | AOS | ArubaOS versions 8.13.x antérieures à 8.13.1.1 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Instant On versions ant\u00e9rieures \u00e0 3.3.2.0",
"product": {
"name": "Instant On",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "EdgeConnect SD-WAN Orchestrator versions ant\u00e9rieures \u00e0 9.5.6",
"product": {
"name": "EdgeConnect SD-WAN Orchestrator",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "Virtual Intranet Access (VIA) versions ant\u00e9rieures \u00e0 4.7.6",
"product": {
"name": "Virtual Intranet Access",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "EdgeConnect SD-WAN Orchestrator versions ant\u00e9rieures \u00e0 9.6.1",
"product": {
"name": "EdgeConnect SD-WAN Orchestrator",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 10.7.x ant\u00e9rieures \u00e0 10.7.2.2",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 8.10.x ant\u00e9rieures \u00e0 8.10.0.21",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 10.4.x ant\u00e9rieures \u00e0 10.4.1.9",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 8.13.x ant\u00e9rieures \u00e0 8.13.1.1",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
}
],
"affected_systems_content": "L\u2019\u00e9diteur pr\u00e9cise que les versions ArubaOS 6.5.4.x, 8.6.x, 8.7.x, 8.8.x, 8.9.x, 8.11.x, 8.12.x 10.3.x, 10.5.x, 10.6.x et SD-WAN 8.6.0.4-2.2.x, 8.7.0.0-2.3.0.x sont en fin de maintenance (EoM) et ne b\u00e9n\u00e9ficient plus de mises \u00e0 jour de s\u00e9curit\u00e9.",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-37177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37177"
},
{
"name": "CVE-2025-37172",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37172"
},
{
"name": "CVE-2023-52340",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
},
{
"name": "CVE-2025-37179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37179"
},
{
"name": "CVE-2025-37165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37165"
},
{
"name": "CVE-2025-37168",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37168"
},
{
"name": "CVE-2025-37173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37173"
},
{
"name": "CVE-2025-37170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37170"
},
{
"name": "CVE-2026-37185",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-37185"
},
{
"name": "CVE-2025-37169",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37169"
},
{
"name": "CVE-2025-37176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37176"
},
{
"name": "CVE-2025-37171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37171"
},
{
"name": "CVE-2026-37183",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-37183"
},
{
"name": "CVE-2025-37174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37174"
},
{
"name": "CVE-2022-48839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48839"
},
{
"name": "CVE-2025-37175",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37175"
},
{
"name": "CVE-2026-37182",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-37182"
},
{
"name": "CVE-2025-37178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37178"
},
{
"name": "CVE-2026-37184",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-37184"
},
{
"name": "CVE-2025-37166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37166"
},
{
"name": "CVE-2025-37186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37186"
}
],
"initial_release_date": "2026-01-14T00:00:00",
"last_revision_date": "2026-01-14T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0042",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-01-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits HPE Aruba Networking. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits HPE Aruba Networking",
"vendor_advisories": [
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW04987",
"url": "https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04987.txt"
},
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW04994",
"url": "https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04994.txt"
},
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW04988",
"url": "https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04988.txt"
},
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW04992",
"url": "https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04992.txt"
}
]
}
CERTFR-2026-AVI-0042
Vulnerability from certfr_avis - Published: 2026-01-14 - Updated: 2026-01-14
De multiples vulnérabilités ont été découvertes dans les produits HPE Aruba Networking. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
L’éditeur précise que les versions ArubaOS 6.5.4.x, 8.6.x, 8.7.x, 8.8.x, 8.9.x, 8.11.x, 8.12.x, 10.3.x, 10.5.x, 10.6.x et SD-WAN 8.6.0.4-2.2.x, 8.7.0.0-2.3.0.x sont en fin de maintenance (EoM) et ne bénéficient plus de mises à jour de sécurité.

| Vendor | Product | Description |
|---|---|---|
| HPE Aruba Networking | Instant On | Instant On versions antérieures à 3.3.2.0 |
| HPE Aruba Networking | EdgeConnect SD-WAN Orchestrator | EdgeConnect SD-WAN Orchestrator versions antérieures à 9.5.6 |
| HPE Aruba Networking | Virtual Intranet Access | Virtual Intranet Access (VIA) versions antérieures à 4.7.6 |
| HPE Aruba Networking | EdgeConnect SD-WAN Orchestrator | EdgeConnect SD-WAN Orchestrator versions antérieures à 9.6.1 |
| HPE Aruba Networking | AOS | ArubaOS versions 10.7.x antérieures à 10.7.2.2 |
| HPE Aruba Networking | AOS | ArubaOS versions 8.10.x antérieures à 8.10.0.21 |
| HPE Aruba Networking | AOS | ArubaOS versions 10.4.x antérieures à 10.4.1.9 |
| HPE Aruba Networking | AOS | ArubaOS versions 8.13.x antérieures à 8.13.1.1 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Instant On versions ant\u00e9rieures \u00e0 3.3.2.0",
"product": {
"name": "Instant On",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "EdgeConnect SD-WAN Orchestrator versions ant\u00e9rieures \u00e0 9.5.6",
"product": {
"name": "EdgeConnect SD-WAN Orchestrator",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "Virtual Intranet Access (VIA) versions ant\u00e9rieures \u00e0 4.7.6",
"product": {
"name": "Virtual Intranet Access",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "EdgeConnect SD-WAN Orchestrator versions ant\u00e9rieures \u00e0 9.6.1",
"product": {
"name": "EdgeConnect SD-WAN Orchestrator",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 10.7.x ant\u00e9rieures \u00e0 10.7.2.2",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 8.10.x ant\u00e9rieures \u00e0 8.10.0.21",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 10.4.x ant\u00e9rieures \u00e0 10.4.1.9",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 8.13.x ant\u00e9rieures \u00e0 8.13.1.1",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
}
],
"affected_systems_content": "L\u2019\u00e9diteur pr\u00e9cise que les versions ArubaOS 6.5.4.x, 8.6.x, 8.7.x, 8.8.x, 8.9.x, 8.11.x, 8.12.x 10.3.x, 10.5.x, 10.6.x et SD-WAN 8.6.0.4-2.2.x, 8.7.0.0-2.3.0.x sont en fin de maintenance (EoM) et ne b\u00e9n\u00e9ficient plus de mises \u00e0 jour de s\u00e9curit\u00e9.",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-37177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37177"
},
{
"name": "CVE-2025-37172",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37172"
},
{
"name": "CVE-2023-52340",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
},
{
"name": "CVE-2025-37179",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37179"
},
{
"name": "CVE-2025-37165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37165"
},
{
"name": "CVE-2025-37168",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37168"
},
{
"name": "CVE-2025-37173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37173"
},
{
"name": "CVE-2025-37170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37170"
},
{
"name": "CVE-2026-37185",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-37185"
},
{
"name": "CVE-2025-37169",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37169"
},
{
"name": "CVE-2025-37176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37176"
},
{
"name": "CVE-2025-37171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37171"
},
{
"name": "CVE-2026-37183",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-37183"
},
{
"name": "CVE-2025-37174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37174"
},
{
"name": "CVE-2022-48839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48839"
},
{
"name": "CVE-2025-37175",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37175"
},
{
"name": "CVE-2026-37182",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-37182"
},
{
"name": "CVE-2025-37178",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37178"
},
{
"name": "CVE-2026-37184",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-37184"
},
{
"name": "CVE-2025-37166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37166"
},
{
"name": "CVE-2025-37186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37186"
}
],
"initial_release_date": "2026-01-14T00:00:00",
"last_revision_date": "2026-01-14T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0042",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-01-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits HPE Aruba Networking. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits HPE Aruba Networking",
"vendor_advisories": [
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW04987",
"url": "https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04987.txt"
},
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW04994",
"url": "https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04994.txt"
},
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW04988",
"url": "https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04988.txt"
},
{
"published_at": "2026-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW04992",
"url": "https://csaf.arubanetworks.com/2026/hpe_aruba_networking_-_hpesbnw04992.txt"
}
]
}
FKIE_CVE-2025-37169
Vulnerability from fkie_nvd - Published: 2026-01-13 20:16 - Updated: 2026-02-25 19:43

| Vendor | Product | Version |
|---|---|---|
| arubanetworks | arubaos | * |
| arubanetworks | arubaos | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93E77EBB-E46E-47E5-ADD2-1BD80257B08B",
"versionEndExcluding": "10.4.1.10",
"versionStartIncluding": "10.3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48B3A810-4DD3-403E-9A76-AB86EF7EA9D1",
"versionEndExcluding": "10.7.2.2",
"versionStartIncluding": "10.5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de pila existe en la interfaz de gesti\u00f3n basada en web AOS-10 de un Mobility Gateway. Una explotaci\u00f3n exitosa podr\u00eda permitir a un actor malicioso autenticado ejecutar c\u00f3digo arbitrario como un usuario privilegiado en el sistema operativo subyacente."
}
],
"id": "CVE-2025-37169",
"lastModified": "2026-02-25T19:43:16.213",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "security-alert@hpe.com",
"type": "Secondary"
}
]
},
"published": "2026-01-13T20:16:04.830",
"references": [
{
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04987en_us\u0026docLocale=en_US"
}
],
"sourceIdentifier": "security-alert@hpe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-3V94-PMVX-X3WH
Vulnerability from github – Published: 2026-01-13 21:31 – Updated: 2026-01-13 21:31

A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system.
{
"affected": [],
"aliases": [
"CVE-2025-37169"
],
"database_specific": {
"cwe_ids": [
"CWE-121",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-13T20:16:04Z",
"severity": "HIGH"
},
"details": "A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system.",
"id": "GHSA-3v94-pmvx-x3wh",
"modified": "2026-01-13T21:31:44Z",
"published": "2026-01-13T21:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37169"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04987en_us\u0026docLocale=en_US"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
NCSC-2026-0016
Vulnerability from csaf_ncscnl - Published: 2026-01-16 09:44 - Updated: 2026-01-16 09:44

AOS-8 operating system for mobility conductors has an arbitrary file deletion vulnerability that allows unauthenticated remote attackers to delete files, potentially causing denial-of-service issues.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
A stack overflow vulnerability in the AOS-10 web management interface of a Mobility Gateway allows authenticated attackers to execute arbitrary code with elevated privileges on the operating system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
Authenticated command injection vulnerabilities in the AOS-8 operating system's web management interface for mobility conductors allow malicious actors to execute arbitrary commands with elevated privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
Authenticated command injection vulnerabilities in the AOS-8 operating system's web management interface for mobility conductors allow malicious actors to execute arbitrary commands with elevated privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
Authenticated command injection vulnerabilities in the AOS-8 operating system's web management interface for mobility conductors allow malicious actors to execute arbitrary commands with elevated privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
An authenticated attacker could exploit an improper input handling vulnerability in the web-based management interface of mobility conductors using AOS-10 or AOS-8, leading to unintended system behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
An authenticated arbitrary file write vulnerability in the web-based management interface of mobility conductors using AOS-10 or AOS-8 allows privileged users to create or modify files and execute commands.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
An arbitrary file upload vulnerability in the web-based management interface of mobility conductors using AOS-10 or AOS-8 allows authenticated attackers to upload files and execute commands on the operating system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
AOS-8 contains a command injection vulnerability that allows authenticated privileged users to modify package headers and potentially execute shell commands with elevated privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
A vulnerability in the command-line interface of mobility conductors using AOS-10 or AOS-8 allows authenticated remote attackers to delete arbitrary files on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
Multiple out-of-bounds read vulnerabilities were identified in a system component due to insufficient buffer size validation, potentially causing process crashes and denial-of-service conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
Multiple out-of-bounds read vulnerabilities were identified in a system component due to insufficient buffer size validation, potentially causing process crashes and denial-of-service conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/*
HPE / ArubaOS (AOS)
|
vers:unknown/* |
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Aruba Networks heeft kwetsbaarheden verholpen in AOS-8 en AOS-10.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden bevinden zich in de webmanagementinterfaces van de AOS-8 en AOS-10 systemen. Deze kwetsbaarheden omvatten onder andere een arbitrarily file deletion, stack overflow, command injection, en improper input handling. Een kwaadwillende kan deze kwetsbaarheden misbruiken om ongeautoriseerde toegang te verkrijgen, bestanden te verwijderen of te manipuleren, en zelfs commando\u0027s met verhoogde privileges uit te voeren. \n\nVoor succesvol misbruik moet de kwaadwillende toegang hebben tot de management-interface, of de Command Line. Het is goed gebruik om een dergelijke interface niet publiek toegankelijk te hebben, maar af te steunen in een separate beheeromgeving.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Aruba Networks heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Insecure Inherited Permissions",
"title": "CWE-277"
},
{
"category": "general",
"text": "Unrestricted Upload of File with Dangerous Type",
"title": "CWE-434"
},
{
"category": "general",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04987en_us\u0026docLocale=en_US"
}
],
"title": "Kwetsbaarheden verholpen in Aruba Networks ArubaOS",
"tracking": {
"current_release_date": "2026-01-16T09:44:20.575860Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2026-0016",
"initial_release_date": "2026-01-16T09:44:20.575860Z",
"revision_history": [
{
"date": "2026-01-16T09:44:20.575860Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "ArubaOS (AOS)"
}
],
"category": "vendor",
"name": "HPE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-37168",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"notes": [
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "description",
"text": "AOS-8 operating system for mobility conductors has an arbitrary file deletion vulnerability that allows unauthenticated remote attackers to delete files, potentially causing denial-of-service issues.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37168 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37168.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37168"
},
{
"cve": "CVE-2025-37169",
"notes": [
{
"category": "description",
"text": "A stack overflow vulnerability in the AOS-10 web management interface of a Mobility Gateway allows authenticated attackers to execute arbitrary code with elevated privileges on the operating system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37169 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37169.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37169"
},
{
"cve": "CVE-2025-37170",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "description",
"text": "Authenticated command injection vulnerabilities in the AOS-8 operating system\u0027s web management interface for mobility conductors allow malicious actors to execute arbitrary commands with elevated privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37170 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37170.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37170"
},
{
"cve": "CVE-2025-37171",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "description",
"text": "Authenticated command injection vulnerabilities in the AOS-8 operating system\u0027s web management interface for mobility conductors allow malicious actors to execute arbitrary commands with elevated privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37171 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37171.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37171"
},
{
"cve": "CVE-2025-37172",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "description",
"text": "Authenticated command injection vulnerabilities in the AOS-8 operating system\u0027s web management interface for mobility conductors allow malicious actors to execute arbitrary commands with elevated privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37172 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37172.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37172"
},
{
"cve": "CVE-2025-37173",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "An authenticated attacker could exploit an improper input handling vulnerability in the web-based management interface of mobility conductors using AOS-10 or AOS-8, leading to unintended system behavior.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37173 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37173.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37173"
},
{
"cve": "CVE-2025-37174",
"cwe": {
"id": "CWE-277",
"name": "Insecure Inherited Permissions"
},
"notes": [
{
"category": "other",
"text": "Insecure Inherited Permissions",
"title": "CWE-277"
},
{
"category": "description",
"text": "An authenticated arbitrary file write vulnerability in the web-based management interface of mobility conductors using AOS-10 or AOS-8 allows privileged users to create or modify files and execute commands.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37174 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37174.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37174"
},
{
"cve": "CVE-2025-37175",
"cwe": {
"id": "CWE-434",
"name": "Unrestricted Upload of File with Dangerous Type"
},
"notes": [
{
"category": "other",
"text": "Unrestricted Upload of File with Dangerous Type",
"title": "CWE-434"
},
{
"category": "description",
"text": "An arbitrary file upload vulnerability in the web-based management interface of mobility conductors using AOS-10 or AOS-8 allows authenticated attackers to upload files and execute commands on the operating system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37175 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37175.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37175"
},
{
"cve": "CVE-2025-37176",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "description",
"text": "AOS-8 contains a command injection vulnerability that allows authenticated privileged users to modify package headers and potentially execute shell commands with elevated privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37176 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37176.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37176"
},
{
"cve": "CVE-2025-37177",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"notes": [
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "description",
"text": "A vulnerability in the command-line interface of mobility conductors using AOS-10 or AOS-8 allows authenticated remote attackers to delete arbitrary files on the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37177 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37177.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37177"
},
{
"cve": "CVE-2025-37178",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple out-of-bounds read vulnerabilities were identified in a system component due to insufficient buffer size validation, potentially causing process crashes and denial-of-service conditions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37178 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37178.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37178"
},
{
"cve": "CVE-2025-37179",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple out-of-bounds read vulnerabilities were identified in a system component due to insufficient buffer size validation, potentially causing process crashes and denial-of-service conditions.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-37179 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-37179.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1"
]
}
],
"title": "CVE-2025-37179"
}
]
}