Denial of Service Vulnerability in HPE Product Management Interface
CVE-2025-37161

7.5HIGH

Key Information:

Vendor: HP (HP)
Status: HP Aruba Networking 100 Series Cellular Bridge
Vendor: CVE Published:; 18 November 2025

What is CVE-2025-37161?

This vulnerability exists in the web-based management interface of various HPE products, enabling a remote attacker to exploit it without authentication. If successfully exploited, the attacker can crash the system, preventing it from rebooting automatically. This disruption can significantly impede network operations, as manual intervention is required to restore functionality.

Affected Version(s)

HPE Aruba Networking 100 Series Cellular Bridge 10.7.0.0 <= 10.7.1.1

References

https://support.hpe.com/hpesc/public/docDisplay?docId=hpe...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 18, 2025
Vulnerability Reserved
Apr 16, 2025

Credit

Nicholas Starke

JSON

HP (HP)

What is CVE-2025-37161?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit