Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aos vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4383
Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 prior to 5.1.6.463.R02, 5.4 prior to 5.4.1.429.R01, 6.1.3 prior to 6.1.3.965.R01, 6.1.5 prior to 6.1.5.595....
Alcatel Aos
8.8
CVSSv3
CVE-2022-23680
AOS-CX lacks Anti-CSRF protections in place for state-changing operations. This can potentially be exploited by an malicious user to execute commands in the context of another user in ArubaOS-CX Switches version(s): AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.0...
Arubanetworks Aos-cx
7.8
CVSSv3
CVE-2022-23682
Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. A successful exploit could allow an malicious user to execute arbitrary commands as root on the underlying operating system leading to complete switch compromis...
Arubanetworks Aos-cx
8.8
CVSSv3
CVE-2022-23684
A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Successful exploitation of this vulnerability allows an malicious user to escalate p...
Arubanetworks Aos-cx
4.3
CVSSv3
CVE-2022-23688
Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an malicious user to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-C...
Arubanetworks Aos-cx
6.8
CVSSv3
CVE-2022-23691
A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication. A successful exploit allows an malicious user to bypass system authentication and achieve total switch compromise in ArubaOS-C...
Arubanetworks Aos-cx
7.2
CVSSv3
CVE-2022-23683
Authenticated command injection vulnerabilities exist in the AOS-CX Network Analytics Engine via NAE scripts. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system, leading to a...
Arubanetworks Aos-cx
4.3
CVSSv3
CVE-2022-23689
Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an malicious user to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-C...
Arubanetworks Aos-cx
5.3
CVSSv3
CVE-2022-23690
A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated malicious user to fingerprint the exact version AOS-CX running on the switch. This allows an malicious user to retrieve information which could be used to more precisely target th...
Arubanetworks Aos-cx
7.8
CVSSv3
CVE-2022-23681
Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. A successful exploit could allow an malicious user to execute arbitrary commands as root on the underlying operating system leading to complete switch compromis...
Arubanetworks Aos-cx
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »