Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

HPE Aruba Networking Wireless Operating System (AOS) — Vulnerabilities & Security Advisories 27

All 27 CVE vulnerabilities found in HPE Aruba Networking Wireless Operating System (AOS), with AI-generated Chinese analysis, references, and POCs.

This page aggregates known vulnerabilities for the HPE Aruba Networking Wireless Operating System (AOS), categorized by Common Weakness Enumeration (CWE) types. It collects security flaws affecting this specific wireless infrastructure software, covering vulnerability disclosures and associated security bulletins published from the product's initial release through the present date. Here, you can track vendor advisories from HPE Aruba Networking to stay informed about newly discovered security risks, understand the underlying characteristics of specific weakness classes such as buffer overflows or authentication bypasses as they relate to this platform, and look up the product’s historical vulnerability record to assess long-term security posture and remediation trends. The data is organized to facilitate efficient security analysis, allowing administrators and security professionals to identify potential exposure points and prioritize patching efforts based on the severity and impact of reported issues. By consolidating this information in one location, the page serves as a reference for understanding the security landscape of AOS, helping stakeholders evaluate the effectiveness of current mitigation strategies and the urgency of applying available updates. This resource is intended for technical audiences managing Aruba wireless networks who require detailed insights into the software’s security history and ongoing maintenance requirements.

Vendor: Hewlett Packard Enterprise (HPE)

CVE IDTitleCVSSSeverityPublished
CVE-2026-44871 Authenticated Command Injection Vulnerabilities in Command Line Interface (CLI) Service Accessed by PAPI Protocol of AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44873 Insufficient Session Invalidation on User Account Deactivation in AOS-8 Operating System 5.4 Medium2026-05-12
CVE-2026-44874 Authenticated Arbitrary File Download via AOS-10 Web-Based Management Interface 4.9 Medium2026-05-12
CVE-2026-44872 Authenticated Arbitrary File Upload via Command Injection in AOS-8 AND AOS-10 Web-Based Management Interface 7.2 High2026-05-12
CVE-2026-44870 Authenticated Command Injection Vulnerabilities in Command Line Interface (CLI) Service Accessed by PAPI Protocol of AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44869 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10 7.2 High2026-05-12
CVE-2026-44868 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10 7.2 High2026-05-12
CVE-2026-44867 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10 7.2 High2026-05-12
CVE-2026-44866 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10 7.2 High2026-05-12
CVE-2026-44865 Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10 7.2 High2026-05-12
CVE-2026-44864 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44863 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44862 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44861 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44860 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems 7.2 High2026-05-12
CVE-2026-44859 Authenticated Stack-Based Buffer Overflow in PAPI Services 7.2 High2026-05-12
CVE-2026-44858 Authenticated Stack-Based Buffer Overflow in PAPI Services 7.2 High2026-05-12
CVE-2026-44857 Authenticated Stack-Based Buffer Overflow in PAPI Services 7.2 High2026-05-12
CVE-2026-44856 Authenticated Stack-Based Buffer Overflow in PAPI Services 7.2 High2026-05-12
CVE-2026-44855 Authenticated Stack-Based Buffer Overflow in PAPI Services 7.2 High2026-05-12
CVE-2026-44854 Authenticated Remote Code Execution via Arbitrary File Write in AOS-8 and AOS-10 Web-Based Management Interface 7.2 High2026-05-12
CVE-2026-44853 Authenticated Remote Code Execution via Arbitrary File Write in AOS-8 and AOS-10 Web-Based Management Interface 7.2 High2026-05-12
CVE-2026-44852 Authenticated Remote Code Execution via Arbitrary File Overwrite in the AOS-8 and AOS-10 Web-Based Management Interface 7.2 High2026-05-12
CVE-2026-23827 Unauthenticated Remote Code Execution via Heap Buffer Overflow in Network Management Service 7.5 High2026-05-12
CVE-2026-23826 Unauthenticated Denial of Service in AOS-8 Network Management Service 7.5 High2026-05-12
CVE-2026-23825 Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component 7.5 High2026-05-12
CVE-2026-23824 Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component 7.5 High2026-05-12

All 27 known CVE vulnerabilities affecting HPE Aruba Networking Wireless Operating System (AOS) with full Chinese analysis, references, and POCs where available.