CVE-2025-37166

{"id": "CVE-2025-37166", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-alert@hpe.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-01-13T18:16:05.477", "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04988en_us&docLocale=en_US", "source": "security-alert@hpe.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability affecting HPE Networking Instant On Access Points has been identified where a device processing a specially crafted packet could enter a non-responsive state, in some cases requiring a hard reset to re-establish services. A malicious actor could leverage this vulnerability to conduct a Denial-of-Service attack on a target network."}, {"lang": "es", "value": "Una vulnerabilidad que afecta a los Puntos de Acceso HPE Networking Instant On ha sido identificada, donde un dispositivo que procesa un paquete especialmente dise\u00f1ado podr\u00eda entrar en un estado de no respuesta, en algunos casos requiriendo un reinicio forzado para restablecer los servicios. Un actor malicioso podr\u00eda aprovechar esta vulnerabilidad para llevar a cabo un ataque de Denegaci\u00f3n de Servicio en una red objetivo."}], "lastModified": "2026-02-26T22:20:42.347", "sourceIdentifier": "security-alert@hpe.com"}