vulnerability

Aruba AOS-10: CVE-2023-35975: Authenticated Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Deletion.

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:M/C:N/I:C/A:C)

Published

Jul 11, 2023

Added

Jan 14, 2025

Modified

Apr 2, 2026

Description

An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system.

Solution

aruba-aos-10-cve-2023-35975

References

CVE-2023-35975
https://attackerkb.com/topics/CVE-2023-35975
https://csaf.arubanetworking.hpe.com/2023/hpe_aruba_networking_-_2023-008.json
https://euvd.enisa.europa.eu/vulnerability/EUVD-2023-39959
CWE-22
EUVD-EUVD-2023-39959

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report