Arubanetworks Edgeconnect_sd-wan_orchestrator

29 CVEs affecting Arubanetworks Edgeconnect_sd-wan_orchestrator. Latest disclosed: 2026-01-14. Critical: 1, High: 13.

Top CVEs affecting Arubanetworks Edgeconnect_sd-wan_orchestrator
CVESeverityScorePublishedSummary
CVE-2025-37184Critical9.82026-01-14A vulnerability exists in an Orchestrator service that could allow an unauthenticated remote attacker to bypass multi-factor authentication requirements. Succe…
CVE-2024-41914High8.12024-07-24A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross…
CVE-2023-37424High8.12023-08-22A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to run arbitrary comman…
CVE-2023-37423High8.12023-08-22Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross…
CVE-2023-37422High8.12023-08-22Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross…
CVE-2023-37421High8.12023-08-22Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross…
CVE-2023-37425High8.02023-08-22A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a stored cro…
CVE-2023-37426High7.42023-08-22EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were found to have shared static SSH host keys for all installations…
CVE-2025-37183High7.22026-01-14Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection…
CVE-2025-37182High7.22026-01-14Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection…
CVE-2025-37181High7.22026-01-14Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection…
CVE-2024-22443High7.22024-07-24A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a server-side…
CVE-2023-37428High7.22023-08-22A vulnerability in the EdgeConnect SD-WAN Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underl…
CVE-2023-37427High7.22023-08-22A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to run arbitrary commands…
CVE-2024-41136Medium6.82024-07-24An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface. Successful exploitation…
CVE-2023-37438Medium6.52023-08-22Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL i…
CVE-2023-37437Medium6.52023-08-22Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL i…
CVE-2023-37436Medium6.52023-08-22Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL i…
CVE-2023-37435Medium6.52023-08-22Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL i…
CVE-2023-37434Medium6.52023-08-22Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL i…