Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-37163

A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system.

Published

2025-11-18T19:15:48.290

Last Modified

2025-12-03T13:34:55.903

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses

Type: Primary
CWE-77
Type: Secondary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	arubanetworks	airwave	< 8.3.0.5	Yes

References

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04971en_us&docLocale=en_US Vendor Advisory ([email protected])