Home / Vulnerability Intelligence / CVE-2026-23818

CVE-2026-23818 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: April 7, 2026

HPE Aruba Networking Private 5G Core On-Prem - Open Redirect

Published: April 7, 2026Updated: April 7, 2026Remote Exploitable

Overview

HPE Aruba Networking Private 5G Core On-Prem contains an open redirect vulnerability in the GUI login flow caused by improper URL validation, letting attackers redirect authenticated users to malicious sites, exploit requires user authentication.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 3.8%(Probability of exploitation in next 30 days)

Impact

Attackers can redirect authenticated users to malicious sites to steal credentials via phishing.

Mitigation

Update to the latest version with the fix applied.

References

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05032en_us&docLocale=en_US

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Apr 7, 2026

🟠 CVE-2026-23818 - High (8.8) A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Private 5G Core On-Prem that could allow an attacker to abuse an open redirect vulnerability in the login flow using a crafted URL. Successful exploi... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23818/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-23818
Severity: High
CVSS Score: 8.8
Type: open_redirect
Status: unconfirmed
EPSS: 3.8%
Social Posts: 1

CWE

CWE-601

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

3.8%Probability of exploitation in the next 30 days