Every CVE whose affected-product data names Arubanetworks Instant, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (33)
CVE-2022-37889 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2022-37890 — CVSS 9.8 (critical): Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Successful…
CVE-2019-5319 — CVSS 9.8 (critical): A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x…
CVE-2020-24636 — CVSS 9.8 (critical): A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s)…
CVE-2021-25149 — CVSS 9.8 (critical): A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x…
CVE-2022-37891 — CVSS 9.8 (critical): Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Successful…
CVE-2022-37885 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2022-37886 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2022-37887 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2022-37888 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2021-25144 — CVSS 8.8 (high): A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x…
CVE-2021-25150 — CVSS 8.8 (high): A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s)…
CVE-2021-25162 — CVSS 8.1 (high): A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s)…
CVE-2021-25148 — CVSS 8.1 (high): A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2022-37893 — CVSS 7.8 (high): An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10 command line interface. Successful…
CVE-2021-25143 — CVSS 7.5 (high): A remote denial of service (dos) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2018-16417 — CVSS 7.5 (high): Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and 8.4.x prior to 8.4.0.1 allows Command…
CVE-2017-13099 — CVSS 7.5 (high): wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An…
CVE-2021-25146 — CVSS 7.2 (high): A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s)…
CVE-2020-24635 — CVSS 7.2 (high): A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s)…
CVE-2019-5317 — CVSS 6.8 (medium): A local authentication bypass vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant…
CVE-2021-25159 — CVSS 6.5 (medium): A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2022-37894 — CVSS 6.5 (medium): An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10…
CVE-2021-25145 — CVSS 6.5 (medium): A remote unauthorized disclosure of information vulnerability was discovered in some Aruba Instant Access Point (IAP) products in…
CVE-2021-25155 — CVSS 6.5 (medium): A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2022-37896 — CVSS 6.1 (medium): A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow a remote attacker to conduct a reflected…
CVE-2021-25161 — CVSS 6.1 (medium): A remote cross-site scripting (xss) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2021-25158 — CVSS 5.9 (medium): A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant…
CVE-2022-37892 — CVSS 5.4 (medium): A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a…
CVE-2021-25160 — CVSS 4.9 (medium): A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…
CVE-2021-25157 — CVSS 4.9 (medium): A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant…
CVE-2022-37895 — CVSS 4.9 (medium): An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10…
CVE-2021-25156 — CVSS 4.9 (medium): A remote arbitrary directory create vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba…