{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T06:34:14.774","vulnerabilities":[{"cve":{"id":"CVE-2025-37176","sourceIdentifier":"security-alert@hpe.com","published":"2026-01-13T20:16:05.717","lastModified":"2026-01-23T16:12:02.550","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A command injection vulnerability in AOS-8 allows an authenticated privileged user to alter a package header to inject shell commands, potentially affecting the execution of internal operations. Successful exploit could allow an authenticated malicious actor to execute commands with the privileges of the impacted mechanism."},{"lang":"es","value":"Una vulnerabilidad de inyección de comandos en AOS-8 permite a un usuario privilegiado autenticado alterar una cabecera de paquete para inyectar comandos de shell, lo que podría afectar la ejecución de operaciones internas. Un exploit exitoso podría permitir a un actor malicioso autenticado ejecutar comandos con los privilegios del mecanismo afectado."}],"metrics":{"cvssMetricV31":[{"source":"security-alert@hpe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*","versionStartIncluding":"8.6.0.0","versionEndExcluding":"8.10.0.21","matchCriteriaId":"28EE6221-D715-48C4-B181-BD530080E706"},{"vulnerable":true,"criteria":"cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*","versionStartIncluding":"8.11.0.0","versionEndExcluding":"8.13.1.1","matchCriteriaId":"1C7390DD-329B-44A3-9693-34211258DF37"}]}]}],"references":[{"url":"https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04987en_us&docLocale=en_US","source":"security-alert@hpe.com","tags":["Vendor Advisory"]}]}}]}