Aruba Instant On CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-37166	1 Hpe	1 Aruba Instant On	2026-01-14	7.5 High
A vulnerability affecting HPE Networking Instant On Access Points has been identified where a device processing a specially crafted packet could enter a non-responsive state, in some cases requiring a hard reset to re-establish services. A malicious actor could leverage this vulnerability to conduct a Denial-of-Service attack on a target network.
CVE-2025-37165	1 Hpe	1 Aruba Instant On	2026-01-14	7.5 High
A vulnerability in the router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. A malicious actor could gain knowledge of internal network configuration details through inspecting impacted packets.
CVE-2021-41005	1 Hpe	14 Aruba Instant On 1930 24g 4sfp\/sfp\+, Aruba Instant On 1930 24g 4sfp\/sfp\+ Firmware, Aruba Instant On 1930 24g Class4 Poe 4sfp\/sfp\+ 195w and 11 more	2024-11-21	6.5 Medium
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0.
CVE-2021-41004	1 Hpe	14 Aruba Instant On 1930 24g 4sfp\/sfp\+, Aruba Instant On 1930 24g 4sfp\/sfp\+ Firmware, Aruba Instant On 1930 24g Class4 Poe 4sfp\/sfp\+ 195w and 11 more	2024-11-21	7.5 High
A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0.

Page 1 of 1.