CVE-2025-23051

High CVSS: 7.2

An authenticated parameter injection vulnerability exists in the web-based management interface of the AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated user to leverage parameter injection to overwrite arbitrary system files.

Vendor

Product

CWE

CWE-94

Yayın Tarihi

2025-01-14 18:16:05

Güncelleme

2025-01-23 22:15:16

Source Identifier

security-alert@hpe.com

KEV Date Added

Kategoriler

CWE-94 HIGH 2025

Referanslar

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04723en_us&docLocale=en_US