HPEs Wi‑Fi Hard‑Coded Passwords
HPE’s Wi‑Fi Kit Gets a Nasty Surprise: Hard‑Coded Passwords Hewlett‑Packard Enterprise (HPE) has patched two nasty bugs in its Instant On wireless access‑points. The worst, CVE‑2025‑37103 (CVSS 9.8), comes from hard‑coded admin credentials that let anyone waltz straight past the login screen. A second flaw, CVE‑2025‑37102 (CVSS 7.2), allows command injection once you’re signed in. Chained together, the pair […]