CVE-2025-37130 | THREATINT

Description

A vulnerability in the command-line interface of EdgeConnect SD-WAN could allow an authenticated attacker to read arbitrary files within the system. Successful exploitation could allow an attacker to read sensitive data from the underlying file system.

PUBLISHED Reserved 2025-04-16 | Published 2025-09-16 | Updated 2025-09-17 | Assigner hpe

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Product status

Default status

affected

9.5.0.0 (semver)

affected

9.4.0.0 (semver)

affected

Credits

NCC Group reporter

References

support.hpe.com/...y?docId=hpesbnw04943en_us&docLocale=en_US

cve.org (CVE-2025-37130)

nvd.nist.gov (CVE-2025-37130)

Download JSON