CVE-2025-15620

Name of the Vulnerable Software and Affected Versions HiOS Switch Platform versions 09.1.00 through 09.4.04 and version 10.3.01.

Description The HiOS Switch Platform contains a denial-of-service issue in the web interface. Remote attackers can reboot the affected device by sending a malicious HTTP GET request to a specific endpoint. Attackers can trigger an uncontrolled reboot condition through crafted HTTP requests, causing service disruption and unavailability of the switch.

Recommendations Versions 09.1.00 through 09.4.04 should be updated to version 09.4.05 or later. Version 10.3.01 should be updated to a later version.