CVE-2026-44860

Published: Mag 12, 2026 Last Modified: Mag 12, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,2

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: high

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system.

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesb…

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us&docLoca…

CVE-2026-44860

Description

Iscriviti alla newsletter