AOS-CX CLI Command Parameter Injection Risk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.8

AOS-CX CLI Command Parameter Injection Risk

CVE-2026-23814

Summary

A remote attacker can inject malicious commands into AOS-CX CLI, potentially causing unintended actions. This issue affects users who have access to the CLI. To mitigate, administrators should update to the latest version of AOS-CX or restrict CLI access to necessary personnel.

Original title

A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.

Original description

A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.

nvd CVSS3.1 8.8

Vulnerability type

CWE-77 Command Injection

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocal...

Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026