CVE-2025-52688
CRITICALAccess Point <unknown> - Command Injection
Title source: llmDescription
Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point.
Exploits (1)
Scores
CVSS v3
9.8
EPSS
0.0021
EPSS Percentile
43.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-77
Status
published
Products (5)
Alcatel-Lucent/OmniAccess Stellar Products
AP1100 AWOS versions 5.0.2 GA and earlier
Alcatel-Lucent/OmniAccess Stellar Products
AP1200 AWOS versions 5.0.2 GA and earlier
Alcatel-Lucent/OmniAccess Stellar Products
AP1300 AWOS versions 5.0.2 GA and earlier
Alcatel-Lucent/OmniAccess Stellar Products
AP1400 AWOS versions 5.0.2 GA and earlier
Alcatel-Lucent/OmniAccess Stellar Products
AP1500 AWOS versions 5.0.2 GA and earlier
Published
Jul 16, 2025
Tracked Since
Feb 18, 2026