CVE-2025-37166

A vulnerability affecting HPE Networking Instant On Access Points has been identified where a device processing a specially crafted packet could enter a non-responsive state, in some cases requiring a hard reset to re-establish services. A malicious actor could leverage this vulnerability to conduct a Denial-of-Service attack on a target network.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04988en_us&docLocale=en_US

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad que afecta a los Puntos de Acceso HPE Networking Instant On ha sido identificada, donde un dispositivo que procesa un paquete especialmente diseñado podría entrar en un estado de no respuesta, en algunos casos requiriendo un reinicio forzado para restablecer los servicios. Un actor malicioso podría aprovechar esta vulnerabilidad para llevar a cabo un ataque de Denegación de Servicio en una red objetivo.

26 Feb 2026, 22:20

Type	Values Removed	Values Added
CWE		CWE-770

13 Jan 2026, 18:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-13 18:16

Updated : 2026-04-15 00:35

NVD link : CVE-2025-37166

Mitre link : CVE-2025-37166

CVE.ORG link : CVE-2025-37166

JSON object : View

Products Affected

No product.

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

7.5 /10