Severity by source
AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruption or reduced availability of the affected system.
NOTE: This vulnerability only impacts Access Points running AOS Instant 8.x.x.x
Analysis
A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruption or reduced availability of the affected system.
NOTE: This vulnerability only impacts Access Points running AOS Instant 8.x.x.x
More in Arubaos Aos
View allA vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an u
A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attack
A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remot
A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authentic
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29738
GHSA-xrfm-m363-m483