CVE-2025-37102

Summary

An authenticated command injection vulnerability exists in the Command line interface of HPE Networking Instant On Access Points.

A successful exploitation could allow a remote attacker with elevated privileges to execute arbitrary commands on the underlying operating system as a highly privileged user.

Affected Software

VendorProductVersion RangeStatus
Hewlett Packard Enterprise (HPE)HPE Networking Instant On3.2.0.0 <= 3.2.0.1affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References