PT-2025-38093 · Hewlett Packardaruba Networking · Edgeconnect Sd-Wan Gateways

Nicholas Migliore

Published

2025-09-16

Updated

2025-09-17

CVE-2025-37123

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HPE Aruba Networking EdgeConnect SD-WAN Gateways (affected versions not specified)

Description A vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to escalate privileges. Successful exploitation may enable the attacker to execute arbitrary system commands with root privileges on the underlying operating system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

BDU:2025-11499

CVE-2025-37123

Affected Products

Edgeconnect Sd-Wan Gateways

PT-2025-38093 · Hewlett Packardaruba Networking · Edgeconnect Sd-Wan Gateways

CVE-2025-37123

Weakness Enumeration

Related Identifiers

Affected Products

References · 8