Denial-of-Service Vulnerability in HPE Networking Instant On Access Points
CVE-2025-37166

7.5HIGH

Key Information:

Vendor: HP (HP)
Status: Instant On
Vendor: CVE Published:; 13 January 2026

What is CVE-2025-37166?

A vulnerability has been discovered in HPE Networking Instant On Access Points, where specially crafted packets can cause the device to become unresponsive. This situation may require a hard reset to restore normal operations. Malicious actors could exploit this issue to launch Denial-of-Service attacks, leading to significant disruptions in network services. It is vital for administrators to monitor and update their systems to mitigate the risks associated with this vulnerability.

Affected Version(s)

Instant On 3.0.0.0 <= 3.3.1.0

References

https://support.hpe.com/hpesc/public/docDisplay?docId=hpe...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 13, 2026
Vulnerability Reserved
Apr 16, 2025

Credit

Petr Chelmar

JSON

HP (HP)

What is CVE-2025-37166?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit