Description
An authenticated remote code execution vulnerability exists in the AOS-8 and AOS-10 web-based management interface. A vulnerability in the certificate download functionality could allow an authenticated remote attacker to overwrite arbitrary files on the underlying operating system by exploiting improper input validation in the file path parameter. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system as a privileged user.
Published: 2026-05-12
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An authenticated attacker can exploit improper input validation in the certificate download function of the AOS-8 and AOS-10 web-based management interface to overwrite arbitrary files on the underlying operating system. This flaw, identified as CWE-296, enables the attacker to target critical system files, allowing the execution of arbitrary commands as a privileged user, which compromises confidentiality, integrity, and availability of the device.

Affected Systems

The vulnerability affects Hewlett Packard Enterprise Aruba Networking Wireless Operating System (AOS) versions AOS-8 and AOS-10. All devices running these OS releases are potentially exposed.

Risk and Exploitability

The CVSS score of 7.2 indicates high severity, but the EPSS score is < 1% and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires that the attacker already possess valid credentials for the web interface; once authenticated, the attacker can send a crafted request that manipulates the file path parameter to overwrite files and trigger command execution. The attack vector is therefore an authenticated remote web-interface exploit, likely performed over HTTPS.

Generated by OpenCVE AI on May 15, 2026 at 22:28 UTC.
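
The record describes the defect only as improper validation of a file path parameter in a download handler. As an added illustration (not code from HPE Aruba, the advisory or OpenCVE), the Python below places the naive pattern that produces an arbitrary file write next to the defensive check that confines a requested name to the intended directory, including the symlink case that a plain string comparison misses. The base directory, the bare-file-name policy and the sample requests are assumptions made for the example.

```python
"""Path confinement for a file-download/write handler (added example, not vendor code).

`unsafe_target_path` shows the naive join that honours '../' segments and absolute
paths verbatim; `safe_target_path` canonicalises the request and refuses anything
that would resolve outside the allowed base directory.
"""
import os
import tempfile


class PathEscapeError(ValueError):
    """Raised when a requested path would resolve outside the allowed base directory."""


def unsafe_target_path(base_dir: str, user_path: str) -> str:
    # Naive join: a leading '/' discards base_dir entirely and '..' segments are
    # kept, so the caller may end up writing anywhere on the filesystem.
    return os.path.join(base_dir, user_path)


def safe_target_path(base_dir: str, user_path: str) -> str:
    """Return an absolute path under base_dir, or raise PathEscapeError."""
    if not user_path or "\x00" in user_path:
        raise PathEscapeError("empty path or embedded NUL byte")
    # Policy assumed for this example: accept only a bare file name, i.e. a single
    # path segment with no separators and not the special names '.' or '..'.
    if os.path.basename(user_path) != user_path or user_path in (".", ".."):
        raise PathEscapeError(f"path must be a bare file name: {user_path!r}")
    base_real = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base_real, user_path))
    # realpath() follows symlinks, so a link planted inside base_dir that points
    # elsewhere is rejected here just like literal '..' traversal would be.
    if os.path.commonpath([base_real, candidate]) != base_real:
        raise PathEscapeError(f"resolved path escapes base directory: {candidate}")
    return candidate


def is_confined(base_dir: str, user_path: str) -> bool:
    """True if the request would be accepted by safe_target_path."""
    try:
        safe_target_path(base_dir, user_path)
        return True
    except PathEscapeError:
        return False


def symlink_escape_is_rejected() -> bool:
    """Constructed scenario: a symlink inside the base directory pointing outside it.

    Returns True when the confinement check refuses to follow the link.
    """
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, "certs")
        os.mkdir(base)
        outside = os.path.join(tmp, "outside.conf")
        with open(outside, "w", encoding="utf-8") as fh:
            fh.write("constructed file outside the certificate directory\n")
        os.symlink(outside, os.path.join(base, "link.pem"))
        return not is_confined(base, "link.pem")


if __name__ == "__main__":
    base_dir = "/tmp/certs"  # assumed certificate directory for the demo
    for req in ("server.pem", "../../etc/passwd", "/etc/passwd", "sub/../../x.pem"):
        print(f"{req!r:20} naive={unsafe_target_path(base_dir, req)!r:34} "
              f"confined={is_confined(base_dir, req)}")
    print("symlink escape rejected:", symlink_escape_is_rejected())
```

The bare-file-name rule is deliberately stricter than a generic traversal filter: a download handler for certificates has no reason to accept subdirectories, and refusing separators outright removes most encoding and normalisation tricks before canonicalisation is even consulted. The `commonpath` check on the realpath-resolved candidate is what closes the symlink gap.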

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest HPE Aruba OS patch that fixes the file-path validation issue.
  • If a patch is not yet available, restrict the web-based management interface to trusted networks, enforce strong authentication, and consider disabling the certificate download feature if it is not required.
  • Monitor the system for unauthorized file modifications and anomalous command executions, and review access logs for suspicious activity.

Advisories

No advisories yet.

History

Fri, 15 May 2026 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-296

Thu, 14 May 2026 17:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-20
CWE-788

Thu, 14 May 2026 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Arubanetworks
Arubanetworks arubaos
Arubanetworks sd-wan
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:arubanetworks:sd-wan:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
Vendors & Products Arubanetworks
Arubanetworks arubaos
Arubanetworks sd-wan

Wed, 13 May 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 13 May 2026 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Hpe
Hpe arubaos
Vendors & Products Hpe
Hpe arubaos

Tue, 12 May 2026 21:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-20
CWE-788

Tue, 12 May 2026 19:30:00 +0000

Type Values Removed Values Added
Description An authenticated remote code execution vulnerability exists in the AOS-8 and AOS-10 web-based management interface. A vulnerability in the certificate download functionality could allow an authenticated remote attacker to overwrite arbitrary files on the underlying operating system by exploiting improper input validation in the file path parameter. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system as a privileged user.
Title Authenticated Remote Code Execution via Arbitrary File Overwrite in the AOS-8 and AOS-10 Web-Based Management Interface
References
Metrics cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: hpe

Published:

Updated: 2026-05-15T20:05:53.832Z

Reserved: 2026-05-07T21:29:03.734Z

Link: CVE-2026-44852

Vulnrichment

Updated: 2026-05-13T15:24:57.630Z

NVD

Status : Modified

Published: 2026-05-12T20:16:43.803

Modified: 2026-05-15T21:16:36.503

Link: CVE-2026-44852

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-15T22:30:06Z

Weaknesses