← Back

CVE-2025-37177

nvd nist
Published: Jan 13, 2026Modified: Jan 23, 2026

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Exploitability: 1.2 / Impact: 5.2
Source: security-alert@hpe.com (Secondary)

Description

An arbitrary file deletion vulnerability has been identified in the command-line interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation of this vulnerability could allow an authenticated remote malicious actor to delete arbitrary files within the affected system.

Affected (4)

Arubanetworks
1 product
Arubaos
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Arubanetworks
Arubaos
From 10.3.0.0 to 10.4.1.10
Arubaos
From 10.5.0.0 to 10.7.2.2
Arubaos
From 6.5.4.0 to 8.10.0.21
Arubaos
From 8.11.0.0 to 8.13.1.1

Related CWEs

CWE-552
Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.

References (1)

Source: security-alert@hpe.com
Vendor Advisory

Timeline

No history available yet.