Unauthorized Access Risk in HPE Networking Instant On Access Points
CVE-2025-37103

9.8CRITICAL

Key Information:

Vendor

HP (HP)

Vendor
CVE Published:
8 July 2025

What is CVE-2025-37103?

A security flaw has been identified in HPE Networking Instant On Access Points due to hard-coded login credentials. This vulnerability allows unauthorized individuals to bypass standard authentication mechanisms, potentially granting them administrative access to affected devices. The exploitation of this flaw poses a risk to device security and integrity, as an attacker could gain control over the network infrastructure.

Affected Version(s)

HPE Networking Instant On 3.2.0.0 <= 3.2.0.1

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

ZZ from Ubisectech Sirius Team
.
CVE-2025-37103 : Unauthorized Access Risk in HPE Networking Instant On Access Points