{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T03:50:55.070","vulnerabilities":[{"cve":{"id":"CVE-2025-37138","sourceIdentifier":"security-alert@hpe.com","published":"2025-10-14T17:15:40.557","lastModified":"2025-11-12T21:05:32.987","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. Exploitation of this vulnerability requires physical access to the hardware controllers. A successful attack could allow an authenticated malicious actor with physical access to execute arbitrary commands as a privileged user on the underlying operating system."}],"metrics":{"cvssMetricV31":[{"source":"security-alert@hpe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.2,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.3,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*","versionStartIncluding":"8.10.0.0","versionEndExcluding":"8.10.0.19","matchCriteriaId":"3D5F48C7-AD51-4641-9CBA-9DE9B516819E"},{"vulnerable":true,"criteria":"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*","versionStartIncluding":"8.12.0.0","versionEndExcluding":"8.12.0.6","matchCriteriaId":"057AA8F5-FF66-44E9-8E06-D2B9E8B91AD2"},{"vulnerable":true,"criteria":"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*","versionStartIncluding":"8.13.0.0","versionEndExcluding":"8.13.1.0","matchCriteriaId":"D4B066B5-D01B-43AE-B4DC-AF560D6B953C"},{"vulnerable":true,"criteria":"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*","versionStartIncluding":"10.4.0.0","versionEndExcluding":"10.4.1.9","matchCriteriaId":"04F61E46-8412-4B8D-BE7B-EBF61BE52C54"},{"vulnerable":true,"criteria":"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*","versionStartIncluding":"10.7.0.0","versionEndExcluding":"10.7.2.1","matchCriteriaId":"BEF8618F-C126-4F8F-951F-6D62FE8FAB22"}]}]}],"references":[{"url":"https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04957en_us&docLocale=en_US","source":"security-alert@hpe.com","tags":["Vendor Advisory"]}]}}]}