What is the CVSS score of CVE-2025-37165?

CVE-2025-37165 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. EPSS exploitation probability: 0.0%.

Which versions of HP are affected by CVE-2025-37165?

CVE-2025-37165 presents notable security risk, a information exposure vulnerability rated CVSS 7.5.

How to fix or mitigate CVE-2025-37165?

Within 7 days: Identify all affected systems running the router mode configuration of HPE Instant On Access Point and apply vendor patches promptly. Monitor vendor channels for patch availability.

HP CVE-2025-37165

HIGH

Information Exposure (CWE-200)

2026-01-13 security-alert@hpe.com

Information Disclosure HP

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

CVE Published

Jan 13, 2026 - 18:16 nvd

HIGH 7.5

DescriptionNVD

A vulnerability in the router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. A malicious actor could gain knowledge of internal network configuration details through inspecting impacted packets.

AnalysisAI

router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. A malicious actor is affected by information exposure (CVSS 7.5).

Technical ContextAI

This vulnerability (CWE-200: Information Exposure) affects router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. A malicious actor. in the router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. A malicious actor could gain knowledge of internal network configuration details through inspecting impacted packets.

Affected ProductsAI

Product: router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. A malicious actor.

RemediationAI

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

More from same product – last 7 days

CVE-2026-42626 Awaiting Data

5.9 May 22

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 (JetD

CVE-2025-37165 vulnerability details – vuln.today

Back

HP CVE-2025-37165

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code