CVE-2025-52688

Description

Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point.

CVSS breakdown

Affected products

• Alcatel-Lucent / OmniAccess Stellar ProductsAP1100 AWOS versions 5.0.2 GA and earlier – AP1100 AWOS versions 5.0.2 GA and earlier
• Alcatel-Lucent / OmniAccess Stellar ProductsAP1200 AWOS versions 5.0.2 GA and earlier – AP1200 AWOS versions 5.0.2 GA and earlier
• Alcatel-Lucent / OmniAccess Stellar ProductsAP1300 AWOS versions 5.0.2 GA and earlier – AP1300 AWOS versions 5.0.2 GA and earlier
• Alcatel-Lucent / OmniAccess Stellar ProductsAP1400 AWOS versions 5.0.2 GA and earlier – AP1400 AWOS versions 5.0.2 GA and earlier
• Alcatel-Lucent / OmniAccess Stellar ProductsAP1500 AWOS versions 5.0.2 GA and earlier – AP1500 AWOS versions 5.0.2 GA and earlier

References

• VENDOR_ADVISORYhttps://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-072/
• MISChttps://www.al-enterprise.com/-/media/assets/internet/documents/sa-n0150-omniaccess-stellar-multiple-vulnerabilities.pdf
• MISChttps://jro.sg/CVEs/CVE-2025-52688/