Cyber Resilience

CVE-2026-44872

High · RCE

Published: 12 May 2026

Modified: 13 May 2026
CVSS Score v3.1: 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0031 (54.2th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-44872 is a high-severity Command Injection (CWE-77) vulnerability in Arubanetworks Arubaos. Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 45.8% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

Vulnerability details

A command injection vulnerability exists in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to place arbitrary files on the underlying filesystem of the affected device.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 · Exploit Public-Facing Application · Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1105 · Ingress Tool Transfer · Command and Control
Adversaries may transfer tools or other files from an external system into a compromised environment.
Why these techniques?

Command injection in an exposed web management interface directly enables T1190; arbitrary file placement on the filesystem enables T1105 for tool or malware deployment.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-44854 · Same product: Arubanetworks Arubaos
CVE-2026-44869 · Same product: Arubanetworks Arubaos
CVE-2026-44866 · Same product: Arubanetworks Arubaos
CVE-2026-44871 · Same product: Arubanetworks Arubaos
CVE-2026-44865 · Same product: Arubanetworks Arubaos
CVE-2026-44853 · Same product: Arubanetworks Arubaos
CVE-2026-44870 · Same product: Arubanetworks Arubaos
CVE-2026-44868 · Same product: Arubanetworks Arubaos
CVE-2026-44867 · Same product: Arubanetworks Arubaos
CVE-2026-23827 · Same product: Arubanetworks Arubaos

Affected Assets

arubanetworks arubaos: 6.5.4.0 — 8.10.0.22 · 8.11.0.0 — 8.12.0.7 · 8.13.0.0 — 8.13.1.2
arubanetworks sd-wan: 8.6.0.4-2.2.0.0 — 8.6.0.4-2.2.0.7 · 8.7.0.0-2.3.0.0 — 8.7.0.0-2.3.0.9

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
