Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2026-AVI-0573
Vulnerability from certfr_avis - Published: 2026-05-13 - Updated: 2026-05-13
De multiples vulnérabilités ont été découvertes dans les produits HPE Aruba Networking. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| HPE Aruba Networking | AOS | ArubaOS versions 10.8.x antérieures à AOS-10.8.0.1 | ||
| HPE Aruba Networking | AOS | ArubaOS versions 10.7.x antérieures à AOS-10.7.2.3 | ||
| HPE Aruba Networking | AOS | ArubaOS versions 8.13.x antérieures à AOS-8.13.1.2 | ||
| HPE Aruba Networking | AOS | ArubaOS versions 8.12.x antérieures à AOS-8.12.0.7 | ||
| HPE Aruba Networking | AOS | ArubaOS versions 8.10.x antérieures à AOS-8.10.0.22 | ||
| HPE Aruba Networking | AOS | ArubaOS versions 10.4.x antérieures à AOS-10.4.1.11 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ArubaOS versions 10.8.x ant\u00e9rieures \u00e0 AOS-10.8.0.1",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 10.7.x ant\u00e9rieures \u00e0 AOS-10.7.2.3",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 8.13.x ant\u00e9rieures \u00e0 AOS-8.13.1.2",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 8.12.x ant\u00e9rieures \u00e0 AOS-8.12.0.7",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 8.10.x ant\u00e9rieures \u00e0 AOS-8.10.0.22",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "ArubaOS versions 10.4.x ant\u00e9rieures \u00e0 AOS-10.4.1.11",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-44854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44854"
},
{
"name": "CVE-2026-23823",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23823"
},
{
"name": "CVE-2026-44868",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44868"
},
{
"name": "CVE-2026-44852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44852"
},
{
"name": "CVE-2026-23824",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23824"
},
{
"name": "CVE-2026-44856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44856"
},
{
"name": "CVE-2026-44872",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44872"
},
{
"name": "CVE-2026-44864",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44864"
},
{
"name": "CVE-2026-44861",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44861"
},
{
"name": "CVE-2026-23827",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23827"
},
{
"name": "CVE-2026-44866",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44866"
},
{
"name": "CVE-2026-23826",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23826"
},
{
"name": "CVE-2026-44869",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44869"
},
{
"name": "CVE-2026-44858",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44858"
},
{
"name": "CVE-2026-44857",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44857"
},
{
"name": "CVE-2026-44873",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44873"
},
{
"name": "CVE-2026-44874",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44874"
},
{
"name": "CVE-2026-44865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44865"
},
{
"name": "CVE-2026-23821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23821"
},
{
"name": "CVE-2026-23819",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23819"
},
{
"name": "CVE-2026-44853",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44853"
},
{
"name": "CVE-2026-44863",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44863"
},
{
"name": "CVE-2026-44855",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44855"
},
{
"name": "CVE-2026-44859",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44859"
},
{
"name": "CVE-2026-44862",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44862"
},
{
"name": "CVE-2026-23825",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23825"
},
{
"name": "CVE-2026-23820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23820"
},
{
"name": "CVE-2026-44867",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44867"
},
{
"name": "CVE-2026-44870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44870"
},
{
"name": "CVE-2026-23822",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23822"
},
{
"name": "CVE-2026-44860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44860"
}
],
"initial_release_date": "2026-05-13T00:00:00",
"last_revision_date": "2026-05-13T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0573",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits HPE Aruba Networking. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits HPE Aruba Networking",
"vendor_advisories": [
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW05048",
"url": "https://csaf.arubanetworking.hpe.com/2026/hpe_aruba_networking_-_hpesbnw05048.txt"
},
{
"published_at": "2026-05-12",
"title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW05049",
"url": "https://csaf.arubanetworking.hpe.com/2026/hpe_aruba_networking_-_hpesbnw05049.txt"
}
]
}
CVE-2026-23819 (GCVE-0-2026-23819)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:31 – Updated: 2026-05-12 19:31
VLAI
EPSS
Title
Error in SSID Processing allows Stored XSS in Web Management Interface
Summary
A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an attacker to compromise user data and potentially manipulate device configuration settings.
Severity
8.8 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) Affected: 8.13.0.0 , ≤ 8.13.1.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) |
Credits
Michael Messner
Benedikt Kuehne
Caio Adler Goncalves Farias
Siemens Energy
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T19:30:46.532539Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:31:00.149Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Michael Messner"
},
{
"lang": "en",
"type": "reporter",
"value": "Benedikt Kuehne"
},
{
"lang": "en",
"type": "reporter",
"value": "Caio Adler Goncalves Farias"
},
{
"lang": "en",
"type": "sponsor",
"value": "Siemens Energy"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim\u0027s browser within the same local network. Successful exploitation could allow an attacker to compromise user data and potentially manipulate device configuration settings.\u003c/p\u003e"
}
],
"value": "A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim\u0027s browser within the same local network. Successful exploitation could allow an attacker to compromise user data and potentially manipulate device configuration settings."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:31:33.726Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05049en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05049",
"discovery": "EXTERNAL"
},
"title": "Error in SSID Processing allows Stored XSS in Web Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23819",
"datePublished": "2026-05-12T18:31:33.726Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-12T19:31:00.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23820 (GCVE-0-2026-23820)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:34 – Updated: 2026-05-13 03:58
VLAI
EPSS
Title
Inconsistent input filtering allows Authenticated Command Injection in AOS-8 Instant and AOS-10 CLI
Summary
A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
Severity
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) Affected: 8.13.0.0 , ≤ 8.13.1.1 (semver) Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) |
Credits
This vulnerability was discovered and reported by moonv through HPE Aruba Networking's Bug Bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:39.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking\u0027s Bug Bounty program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
}
],
"value": "A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:34:34.107Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05049en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05049",
"discovery": "INTERNAL"
},
"title": "Inconsistent input filtering allows Authenticated Command Injection in AOS-8 Instant and AOS-10 CLI",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23820",
"datePublished": "2026-05-12T18:34:34.107Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-13T03:58:39.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23821 (GCVE-0-2026-23821)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:35 – Updated: 2026-05-13 03:58
VLAI
EPSS
Title
Inconsistent input filtering allows Authenticated Command Injection in AOS-10 CLI
Summary
A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
Note: Access Points running AOS-8 Instant software are not affected by this vulnerability.
Severity
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
This vulnerability was discovered and reported by moonv through HPE Aruba Networking's Bug Bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:38.032Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking\u0027s Bug Bounty program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.\u003cbr\u003e\u003cbr\u003eNote: Access Points running AOS-8 Instant software are not affected by this vulnerability.\u003c/p\u003e"
}
],
"value": "A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.\n\nNote: Access Points running AOS-8 Instant software are not affected by this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:35:34.806Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05049en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05049",
"discovery": "INTERNAL"
},
"title": "Inconsistent input filtering allows Authenticated Command Injection in AOS-10 CLI",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23821",
"datePublished": "2026-05-12T18:35:34.806Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-13T03:58:38.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23822 (GCVE-0-2026-23822)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:37 – Updated: 2026-05-12 19:25
VLAI
EPSS
Title
Unauthenticated XML External Entity Injection in AOS-8 Instant allows Denial of Service
Summary
A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruption or reduced availability of the affected system.
NOTE: This vulnerability only impacts Access Points running AOS Instant 8.x.x.x
Severity
5.3 (Medium)
CWE
- CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) |
Credits
Nicholas Starke
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T19:25:52.086668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-776",
"description": "CWE-776 Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T19:25:55.101Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Nicholas Starke"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruption or reduced availability of the affected system.\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003eNOTE: This vulnerability only impacts Access Points running AOS Instant 8.x.x.x\u003c/p\u003e"
}
],
"value": "A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruption or reduced availability of the affected system.\n\n\n\n\n\n\n\n\nNOTE: This vulnerability only impacts Access Points running AOS Instant 8.x.x.x"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:37:08.787Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05049en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05049",
"discovery": "INTERNAL"
},
"title": "Unauthenticated XML External Entity Injection in AOS-8 Instant allows Denial of Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23822",
"datePublished": "2026-05-12T18:37:08.787Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-12T19:25:55.101Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23823 (GCVE-0-2026-23823)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:38 – Updated: 2026-05-13 03:58
VLAI
EPSS
Title
Authenticated Command Injection leads to RCE in AOS-10 CLI Command
Summary
A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
NOTE: This vulnerability only impacts Access Points running AOS-10.7.x.x and above. AOS-10.4 AP and AOS-8 Instant software branches are not affected by this vulnerability.
Severity
7.2 (High)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) |
Credits
This vulnerability was discovered and reported by erikdejong through HPE Aruba Networking's Bug Bounty program
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23823",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T03:58:36.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "ArubaOS (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "This vulnerability was discovered and reported by erikdejong through HPE Aruba Networking\u0027s Bug Bounty program"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.\u003cbr\u003e\u003cbr\u003eNOTE: This vulnerability only impacts Access Points running AOS-10.7.x.x and above. AOS-10.4 AP and AOS-8 Instant software branches are not affected by this vulnerability.\u003c/p\u003e"
}
],
"value": "A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.\n\nNOTE: This vulnerability only impacts Access Points running AOS-10.7.x.x and above. AOS-10.4 AP and AOS-8 Instant software branches are not affected by this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:38:44.771Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05049en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05049",
"discovery": "INTERNAL"
},
"title": "Authenticated Command Injection leads to RCE in AOS-10 CLI Command",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23823",
"datePublished": "2026-05-12T18:38:44.771Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-13T03:58:36.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23824 (GCVE-0-2026-23824)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:51 – Updated: 2026-05-12 21:10
VLAI
EPSS
Title
Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component
Summary
Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition.
Severity
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
n3k
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23824",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T21:09:44.777897Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T21:10:11.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "n3k"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eVulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition.\u003c/p\u003e"
}
],
"value": "Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:51:54.519Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23824",
"datePublished": "2026-05-12T18:51:54.519Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-12T21:10:11.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23825 (GCVE-0-2026-23825)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:52 – Updated: 2026-05-13 16:02
VLAI
EPSS
Title
Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component
Summary
Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition.
Severity
7.5 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
10.8.0.0
(semver)
Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
n3k
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23825",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T16:02:06.659523Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T16:02:23.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "n3k"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eVulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition.\u003c/p\u003e"
}
],
"value": "Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:52:50.232Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23825",
"datePublished": "2026-05-12T18:52:50.232Z",
"dateReserved": "2026-01-16T15:22:49.224Z",
"dateUpdated": "2026-05-13T16:02:23.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23826 (GCVE-0-2026-23826)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:53 – Updated: 2026-05-13 15:45
VLAI
EPSS
Title
Unauthenticated Denial of Service in AOS-8 Network Management Service
Summary
A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitation could cause the affected service process to terminate unexpectedly, disrupting normal device operations.
Severity
7.5 (High)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) |
Credits
n3k
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23826",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T15:45:15.478850Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T15:45:23.514Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "n3k"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitation could cause the affected service process to terminate unexpectedly, disrupting normal device operations. \u003c/p\u003e"
}
],
"value": "A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitation could cause the affected service process to terminate unexpectedly, disrupting normal device operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:53:47.735Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Unauthenticated Denial of Service in AOS-8 Network Management Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23826",
"datePublished": "2026-05-12T18:53:47.735Z",
"dateReserved": "2026-01-16T15:22:49.225Z",
"dateUpdated": "2026-05-13T15:45:23.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23827 (GCVE-0-2026-23827)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:54 – Updated: 2026-05-13 15:41
VLAI
EPSS
Title
Unauthenticated Remote Code Execution via Heap Buffer Overflow in Network Management Service
Summary
A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged user on the underlying operating system, potentially leading to a system compromise. Exploitation may also result in a denial-of-service (DoS) condition affecting the impacted system process.
Severity
7.5 (High)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.8.0.0 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
n3k
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23827",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T15:41:35.392668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T15:41:39.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "n3k"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged user on the underlying operating system, potentially leading to a system compromise. Exploitation may also result in a denial-of-service (DoS) condition affecting the impacted system process.\u003c/p\u003e"
}
],
"value": "A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged user on the underlying operating system, potentially leading to a system compromise. Exploitation may also result in a denial-of-service (DoS) condition affecting the impacted system process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:54:47.364Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Unauthenticated Remote Code Execution via Heap Buffer Overflow in Network Management Service",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-23827",
"datePublished": "2026-05-12T18:54:47.364Z",
"dateReserved": "2026-01-16T15:22:49.225Z",
"dateUpdated": "2026-05-13T15:41:39.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44852 (GCVE-0-2026-44852)
Vulnerability from cvelistv5 – Published: 2026-05-12 18:55 – Updated: 2026-05-15 20:05
VLAI
EPSS
Title
Authenticated Remote Code Execution via Arbitrary File Overwrite in the AOS-8 and AOS-10 Web-Based Management Interface
Summary
An authenticated remote code execution vulnerability exists in the AOS-8 and AOS-10 web-based management interface. A vulnerability in the certificate download functionality could allow an authenticated remote attacker to overwrite arbitrary files on the underlying operating system by exploiting improper input validation in the file path parameter. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system as a privileged user.
Severity
7.2 (High)
CWE
- CWE-296 - Improper Following of a Certificate's Chain of Trust
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS) |
Affected:
8.13.0.0 , ≤ 8.13.1.1
(semver)
Affected: 8.12.0.0 , ≤ 8.12.0.6 (semver) Affected: 8.10.0.0 , ≤ 8.10.0.21 (semver) Affected: 10.8.0.0 (semver) Affected: 10.7.0.0 , ≤ 10.7.2.2 (semver) Affected: 10.4.0.0 , ≤ 10.4.1.10 (semver) |
Credits
zzcentury
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44852",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T15:24:42.503798Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-296",
"description": "CWE-296 Improper Following of a Certificate\u0027s Chain of Trust",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-15T20:05:53.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "HPE Aruba Networking Wireless Operating System (AOS)",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"lessThanOrEqual": "8.13.1.1",
"status": "affected",
"version": "8.13.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.12.0.6",
"status": "affected",
"version": "8.12.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.10.0.21",
"status": "affected",
"version": "8.10.0.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "10.8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.7.2.2",
"status": "affected",
"version": "10.7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1.10",
"status": "affected",
"version": "10.4.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "zzcentury"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn authenticated remote code execution vulnerability exists in the AOS-8 and AOS-10 web-based management interface. A vulnerability in the certificate download functionality could allow an authenticated remote attacker to overwrite arbitrary files on the underlying operating system by exploiting improper input validation in the file path parameter. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system as a privileged user.\u003c/p\u003e"
}
],
"value": "An authenticated remote code execution vulnerability exists in the AOS-8 and AOS-10 web-based management interface. A vulnerability in the certificate download functionality could allow an authenticated remote attacker to overwrite arbitrary files on the underlying operating system by exploiting improper input validation in the file path parameter. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system as a privileged user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T18:55:53.008Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us\u0026docLocale=en_US"
}
],
"source": {
"advisory": "HPESBNW05048",
"discovery": "INTERNAL"
},
"title": "Authenticated Remote Code Execution via Arbitrary File Overwrite in the AOS-8 and AOS-10 Web-Based Management Interface",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2026-44852",
"datePublished": "2026-05-12T18:55:53.008Z",
"dateReserved": "2026-05-07T21:29:03.734Z",
"dateUpdated": "2026-05-15T20:05:53.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…