CVE-2025-37129

Authenticated Remote Code Execution allows Exploit in Scripts Feature

CVSS 6.7 MEDIUMEPSS 0.2%CWE-78

A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an authenticated attacker to exploit built-in script execution capabilities. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system if the feature is enabled without proper security measures.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

Hewlett Packard Enterprise (HPE) · HPE Aruba Networking EdgeConnect SD-WAN Gateway

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04943en_us&docLocale=en_US