604 CVEs

1 in CISA KEV

arubanetworks Vulnerabilities

CVE security advisories and vulnerability history for arubanetworks.

604

Total CVEs

Published

1

In CISA KEV

Exploited in the wild

14

Public exploits

With known exploit

7.1

Avg CVSS

2008–2026

Overview

arubanetworks has 604 published CVE records since 2008, of which 1 are in CISA's Known Exploited Vulnerabilities catalog and 14 have a known public exploit. The average CVSS base score across scored CVEs is 7.1.

This page aggregates every publicly disclosed vulnerability (CVE) affecting arubanetworks products, with severity breakdowns, the most-affected products, the most common weakness types, and the latest disclosures.

Severity and exploitation

How the CVSS severity of arubanetworks's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical39

High183

Medium126

Low2

254 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

1

One of arubanetworks's CVEs is confirmed exploited in the wild.

Public exploits

14

14 of arubanetworks's CVEs have a known public exploit available.

Most affected products

The arubanetworks products with the most published CVEs.

arubaos242 CVEs
clearpass policy manager140 CVEs
Aruba ClearPass Policy Manager121 CVEs
sd-wan112 CVEs
Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central67 CVEs
instant62 CVEs
scalance w1750d58 CVEs
scalance w1750d firmware58 CVEs

Common weakness types

The CWE weakness categories most often found in arubanetworks CVEs. Follow any weakness for its full explanation.

CNAs that assign these CVEs

The CVE Numbering Authorities that publish arubanetworks CVE records.

Disclosure activity by year

How many arubanetworks CVEs were published each year.

2019

9

2020

33

2021

122

2022

94

2023

139

2024

77

2025

29

2026

50

Latest arubanetworks CVEs

The most recently disclosed vulnerabilities affecting arubanetworks.

Authenticated Command Injection Vulnerabilities in Command Line Interface (CLI) Service Accessed by PAPI Protocol of AOS-8 and AOS-10 Operating Systems
CWE-77
High · CVSS 7.2
EPSS 0.1%2026-05-12
Insufficient Session Invalidation on User Account Deactivation in AOS-8 Operating System
CWE-613
Medium · CVSS 5.4
EPSS 0.0%2026-05-12
Authenticated Arbitrary File Download via AOS-10 Web-Based Management Interface
CWE-284
Medium · CVSS 4.9
EPSS 0.0%2026-05-12
Authenticated Arbitrary File Upload via Command Injection in AOS-8 AND AOS-10 Web-Based Management Interface
CWE-77
High · CVSS 7.2
EPSS 0.3%2026-05-12
Authenticated Command Injection Vulnerabilities in Command Line Interface (CLI) Service Accessed by PAPI Protocol of AOS-8 and AOS-10 Operating Systems
CWE-77
High · CVSS 7.2
EPSS 0.2%2026-05-12
Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10
CWE-77
High · CVSS 7.2
EPSS 0.2%2026-05-12
Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10
CWE-77
High · CVSS 7.2
EPSS 0.2%2026-05-12
Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10
CWE-77
High · CVSS 7.2
EPSS 0.2%2026-05-12
Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10
CWE-77
High · CVSS 7.2
EPSS 0.2%2026-05-12
Authenticated Command Injection Vulnerabilities in the Web-Based Management Interface of AOS-8 and AOS-10
CWE-77
High · CVSS 7.2
EPSS 0.2%2026-05-12
Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems
CWE-89
High · CVSS 7.2
EPSS 0.0%2026-05-12
Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems
CWE-89
High · CVSS 7.2
EPSS 0.0%2026-05-12

Track new arubanetworks CVEs as they are disclosed and get AI-written analysis and remediation guidance.

Monitor arubanetworks CVEs

Other vendors

Browse vulnerabilities for other tracked vendors.

unisoc635 CVEs moodle633 CVEs Campcodes631 CVEs qnap613 CVEs mcafee607 CVEs freebsd594 CVEs symantec582 CVEs Mattermost577 CVEs

Browse all vendors

Frequently asked questions

Common questions about arubanetworks vulnerabilities.

How many CVEs does arubanetworks have?

arubanetworks has 604 published CVE records since 2008, including 79 in the last two years.

How many arubanetworks CVEs are in CISA KEV?

Yes — 1 of arubanetworks's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.

Which arubanetworks products have the most CVEs?

The arubanetworks products with the most published CVEs are arubaos, clearpass policy manager, Aruba ClearPass Policy Manager, sd-wan, Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central.

What are the most common weakness types in arubanetworks CVEs?

arubanetworks's CVEs most often map to these CWE weakness types: CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')).

Are there public exploits for arubanetworks vulnerabilities?

Yes — 14 of arubanetworks's CVEs have a known public exploit.

How many critical arubanetworks vulnerabilities are there?

arubanetworks has 39 critical and 183 high-severity CVEs.

What is the average severity of arubanetworks CVEs?

The average CVSS base score across arubanetworks's scored CVEs is 7.1.

References

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track arubanetworks vulnerabilities

Monitor new arubanetworks vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing