← Back

CVE-2025-37168

nvd nist
Published: Jan 13, 2026Modified: Jan 23, 2026

JSON object

Loading...
9.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Exploitability: 3.9 / Impact: 5.2
Source: NVD

Description

Arbitrary file deletion vulnerability have been identified in a system function of mobility conductors running AOS-8 operating system. Successful exploitation of this vulnerability could allow an unauthenticated remote malicious actor to delete arbitrary files within the affected system and potentially result in denial-of-service conditions on affected devices.

Affected (4)

Arubanetworks
1 product
Arubaos
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Arubanetworks
Arubaos
From 10.3.0.0 to 10.4.1.10
Arubaos
From 10.5.0.0 to 10.7.2.2
Arubaos
From 6.5.4.0 to 8.10.0.21
Arubaos
From 8.11.0.0 to 8.13.1.1

Related CWEs

CWE-552
Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.

References (1)

Source: security-alert@hpe.com
Vendor Advisory

Timeline

No history available yet.