Primary

Context

HPE Aruba Networking AOS-8 and AOS-10 Mobility Conductors Command-Line Interface Arbitrary File Deletion Vulnerability

Vulnerability

An arbitrary file deletion vulnerability exists in the command-line interface of HPE Aruba Networking Mobility Conductors running AOS-10 or AOS-8 operating systems. This vulnerability allows an authenticated remote attacker to delete arbitrary files on the affected system.

Impact

Exploitation of this vulnerability could lead to unauthorized deletion of files, potentially causing disruption or degradation of service on the affected system.

Remediation

To address this vulnerability, users should upgrade to AOS-10.7.2.2 and above or AOS-8.13.1.1 and above. For AOS-10.4.x.x, upgrade to version 10.4.1.10 and above, and for AOS-8.10.x.x, upgrade to version 8.10.0.21 and above. These updates can be downloaded from the HPE Networking Support Portal.

Added: Jan 13, 2026, 8:53 PM

Updated: Jan 13, 2026, 9:53 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

5.2

remediation

0.0

relevance

2.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

5.2

remediation

0.0

relevance

2.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HPE Aruba Networking AOS-8 and AOS-10 Mobility Conductors Command-Line Interface Arbitrary File Deletion Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating