CVE-2026-23818
Awaiting Analysis Awaiting Analysis - Queue

Open Redirect in HPE Aruba 5G Core GUI Enables Credential Theft

Vulnerability report for CVE-2026-23818, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-04-07

Last updated on: 2026-04-14

Assigner: Hewlett Packard Enterprise (HPE)

Description

A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Private 5G Core On-Prem that could allow an attacker to abuse an open redirect vulnerability in the login flow using a crafted URL. Successful exploitation may redirect an authenticated user to an attacker-controlled server hosting a spoofed login page prompting the unsuspecting victim to give away their credentials, which could then be captured by the attacker, before being redirected back to the legitimate login page.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-04-07
Last Modified
2026-04-14
Generated
2026-07-06
AI Q&A
2026-04-07
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
hpe aruba_networking_private_5g_core to 1.25.3.1 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-601 The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the graphical user interface (GUI) of HPE Aruba Networking Private 5G Core On-Prem. It is an open redirect vulnerability in the login flow that can be exploited using a specially crafted URL.

An attacker can use this flaw to redirect an authenticated user to a malicious server controlled by the attacker. This server hosts a fake login page designed to trick the user into entering their credentials.

Once the user submits their credentials on the spoofed page, the attacker can capture them before the user is redirected back to the legitimate login page, making the attack stealthy.

Impact Analysis

This vulnerability can lead to credential theft by tricking authenticated users into submitting their login information to an attacker-controlled site.

If exploited, attackers could gain unauthorized access to user accounts, potentially compromising sensitive data and system integrity.

The CVSS score of 8.8 indicates a high severity, meaning the impact on confidentiality, integrity, and availability can be significant.

Compliance Impact

This vulnerability could lead to credential theft through a spoofed login page, potentially resulting in unauthorized access to sensitive data.

Such unauthorized access and credential compromise may impact compliance with standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive information.

Specifically, failure to protect user credentials and prevent phishing attacks could lead to violations of data protection and privacy requirements under these regulations.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-23818. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart