CVE-2025-52688
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-16
Last updated on: 2025-07-16
Assigner: CSA
Description
Description
Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| alcatel-lucent | ap1361d | From 4.0.4 (inc) |
| alcatel-lucent | omniaccess_stellar | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows an attacker to inject commands with root privileges on the affected access point. This means the attacker can execute arbitrary commands at the highest privilege level, potentially taking full control of the device.
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to loss of confidentiality, integrity, and availability of the access point. An attacker could gain full control over the device, which may disrupt network operations and compromise sensitive data.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70