CVE-2025-52690
HIGHAlcatel-Lucent OmniAccess Stellar AP AWOS <= 5.0.2 - Root Command Execution
Title source: manualDescription
Successful exploitation of the vulnerability could allow an attacker to execute arbitrary commands as root, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point.
References (3)
Core 3
Core References
Various Sources
https://jro.sg/CVEs/CVE-2025-52690/
Various Sources
https://www.al-enterprise.com/-/media/assets/internet/documents/sa-n0150-omniaccess-stellar-multiple-vulnerabilities.pdf
Various Sources
https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-072/
Scores
CVSS v3
8.1
EPSS
0.0919
EPSS Percentile
94.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-77
Status
published
Products (5)
Alcatel-Lucent/OmniAccess Stellar Products
AP1100 AWOS versions 5.0.2 GA and earlier
Alcatel-Lucent/OmniAccess Stellar Products
AP1200 AWOS versions 5.0.2 GA and earlier
Alcatel-Lucent/OmniAccess Stellar Products
AP1300 AWOS versions 5.0.2 GA and earlier
Alcatel-Lucent/OmniAccess Stellar Products
AP1400 AWOS versions 5.0.2 GA and earlier
Alcatel-Lucent/OmniAccess Stellar Products
AP1500 AWOS versions 5.0.2 GA and earlier
Published
Jul 16, 2025
Tracked Since
Feb 18, 2026