Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.2
CVE-2026-44854: AOS-8 and AOS-10 Management Interface Upload Risk
CVE-2026-44854
Summary
AOS-8 and AOS-10 management interfaces have a security weakness that could allow an authorized but malicious user to upload unauthorized files, potentially giving them control over the system. This could lead to serious security issues, including unauthorized access and data breaches. To mitigate this risk, update your AOS-8 and AOS-10 systems with the latest security patches as soon as possible.
Original title
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload a...
Original description
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote code execution as a privileged user.
nvd CVSS3.1
7.2
Vulnerability type
CWE-77
Command Injection
Published: 12 May 2026 · Updated: 15 Jun 2026 · First seen: 12 May 2026