Primary

Context

HPE Aruba Networking EdgeConnect SD-WAN Unauthenticated File Read Vulnerability in Command-Line Interface

Vulnerability

Patched

A vulnerability exists in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways. It allows authenticated attackers to read arbitrary files from the underlying file system. Successful exploitation could lead to the unauthorized access and disclosure of sensitive information.

Impact

Exploitation of this vulnerability could result in unauthorized read access to sensitive data stored on the system.

Remediation

Users are advised to upgrade to HPE Aruba Networking EdgeConnect SD-WAN versions 9.5.4.1 or 9.4.4.2. For more details on HPE Aruba Networking's End-of-Support policy, please visit the HPE Aruba Networking Support Services End-of-Life page.

Added: Sep 16, 2025, 11:18 PM

Updated: Sep 16, 2025, 11:18 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

8.3

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

8.3

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HPE Aruba Networking EdgeConnect SD-WAN Unauthenticated File Read Vulnerability in Command-Line Interface

Vulnerability

Impact

Remediation

Affected Products

HPE Aruba Networking EdgeConnect SD-WAN

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating