Primary

Context

HPE Aruba Networking AOS-8 Controller/Mobility Conductor Arbitrary File Deletion Vulnerability

Vulnerability

An arbitrary file deletion vulnerability has been identified in the command-line interface of HPE Aruba Networking AOS-8 Controllers and Mobility Conductors. This vulnerability allows authenticated remote attackers to delete arbitrary files within the affected system.

Impact

Successful exploitation of this vulnerability could lead to unauthorized deletion of files on the affected system.

Remediation

To address this vulnerability, users should upgrade to AOS-8.13.1.0 or above, AOS-8.12.0.6 or above, or AOS-8.10.0.19 or above. Instructions for downloading the updated software are available on the HPE Networking Support Portal.

Added: Oct 14, 2025, 8:08 PM

Updated: Oct 15, 2025, 12:28 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HPE Aruba Networking AOS-8 Controller/Mobility Conductor Arbitrary File Deletion Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating