CVE-2025-37130
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-16
Last updated on: 2025-09-17
Assigner: Hewlett Packard Enterprise (HPE)
Description
Description
A vulnerability in the command-line interface of EdgeConnect SD-WAN could allow an authenticated attacker to read arbitrary files within the system. Successful exploitation could allow an attacker to read sensitive data from the underlying file system.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hpe | edgeconnect_sd-wan | 3.1 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-552 | The product makes files or directories accessible to unauthorized actors, even though they should not be. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the command-line interface of EdgeConnect SD-WAN and allows an authenticated attacker to read arbitrary files on the system. This means that someone with access to the CLI could potentially access sensitive files stored on the device.
How can this vulnerability impact me? :
The vulnerability could allow an attacker to read sensitive data from the underlying file system, potentially exposing confidential information and leading to data breaches.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70