CVE-2025-37138

Name of the Vulnerable Software and Affected Versions AOS-10 GW and AOS-8 Controllers/Mobility Conductor (affected versions not specified)

Description A command injection flaw exists in the command line interface binary. Exploitation requires physical access to the hardware controllers and authentication. A successful attack could allow a malicious actor with physical access to execute arbitrary commands as a privileged user on the underlying operating system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.