CVE-2025-37169
EUVD-2026-207113.01.2026, 20:16
A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| arubanetworks | arubaos | 10.3.0.0 ≤ 𝑥 < 10.4.1.10 |
| arubanetworks | arubaos | 10.5.0.0 ≤ 𝑥 < 10.7.2.2 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.
- CWE-121 - Stack-based Buffer OverflowA stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).