浏览 23+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-23812 | Security Boundary Bypass via Routing Node Impersonation | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating Systems (AOS-8 & AOS-10) | Medium | 4.3 | 2026-03-04 16:13:48 | Deep Dive |
| CVE-2026-23811 | Unauthorized Bi-Directional Traffic Interception via L2/L3 Manipulation | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating Systems (AOS-8 & AOS-10) | Medium | 4.3 | 2026-03-04 16:12:33 | Deep Dive |
| CVE-2026-23810 | Cross-BSSID GTK Re-encryption and Traffic Injection | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating Systems (AOS-8 & AOS-10) | Medium | 4.3 | 2026-03-04 16:11:36 | Deep Dive |
| CVE-2026-23809 | MAC Address Spoofing leads to Inter-BSSID Isolation Bypass Resulting in Traffic Redirection | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS-10 & AOS-8) | Medium | 5.4 | 2026-03-04 16:10:03 | Deep Dive |
| CVE-2026-23808 | Client Isolation Bypass via GTK Manipulation | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS-10 & AOS-8) | Medium | 5.4 | 2026-03-04 16:09:18 | Deep Dive |
| CVE-2026-23601 | Frame Injection via Shared GTK Allows Traffic Spoofing and Client Compromise | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Wireless Operating System (AOS-10 & AOS-8) | Medium | 5.4 | 2026-03-04 16:07:43 | Deep Dive |
| CVE-2025-37160 | Authenticated Broken Access Control (BAC) in REST API Configuration Service | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS-CX | Medium | 5.3 | 2025-11-18 18:54:10 | Deep Dive |
| CVE-2025-37159 | Authenticated Session Hijacking Allows Unauthorized Access in Network Switching Software | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS-CX | Medium | 5.8 | 2025-11-18 18:52:47 | Deep Dive |
| CVE-2025-37158 | Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS-CX | Medium | 6.7 | 2025-11-18 18:51:29 | Deep Dive |
| CVE-2025-37156 | ArubaOS-CX Platform-Level Denial-of-Service Vulnerability | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS-CX | Medium | 6.8 | 2025-11-18 18:46:11 | Deep Dive |
| CVE-2025-37155 | Authenticated Privilege Escalation Allows Unauthorized Access in Network Management Interface | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS-CX | High | 7.8 | 2025-11-18 18:40:41 | Deep Dive |
| CVE-2025-27084 | Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal (CP) of an AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-based Management Interface | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS | Medium | 5.4 | 2025-04-08 16:32:47 | Deep Dive |
| CVE-2025-27085 | Arbitrary File Download Vulnerabilities in Web-Based Management Interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS | Medium | 4.9 | 2025-04-08 16:29:26 | Deep Dive |
| CVE-2025-27083 | Authenticated Command Injection Vulnerabilities in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS | High | 7.2 | 2025-04-08 16:26:51 | Deep Dive |
| CVE-2025-27082 | Authenticated Remote Code Execution Vulnerabilities in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface via Arbitrary File Write | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS | High | 7.2 | 2025-04-08 16:22:51 | Deep Dive |
| CVE-2025-23052 | Authenticated Command Injection Vulnerability allows Unauthorized Command Execution in CLI Interface | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS | High | 7.2 | 2025-01-14 17:38:44 | Deep Dive |
| CVE-2025-23051 | Authenticated Remote Code Execution in AOS Web-based Management Interface | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking AOS | High | 7.2 | 2025-01-14 17:35:25 | Deep Dive |
| CVE-2024-47464 | Authenticated Path Traversal Vulnerability Leads to a Remote Unauthorized Access to Files | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Access Points, Instant AOS-8, and AOS-10 | Medium | 6.8 | 2024-11-05 23:02:59 | Deep Dive |
| CVE-2024-47463 | Arbitrary File Creation Vulnerability in Instant AOS-8 and AOS-10 leads to Authenticated Remote Command Execution (RCE) | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Access Points, Instant AOS-8, and AOS-10 | High | 7.2 | 2024-11-05 22:59:05 | Deep Dive |
| CVE-2024-47462 | Arbitrary File Creation Vulnerability in Instant AOS-8 and AOS-10 leads to Authenticated Remote Command Execution (RCE) | Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Access Points, Instant AOS-8, and AOS-10 | High | 7.2 | 2024-11-05 22:57:45 | Deep Dive |