9 matches found
CVE-2025-52690 Command Injection Vulnerability in the OmniAccess Stellar over UDP Service
Successful exploitation of the vulnerability could allow an attacker to execute arbitrary commands as root, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point...
CVE-2025-52690 Command Injection Vulnerability in the OmniAccess Stellar over UDP Service
Successful exploitation of the vulnerability could allow an attacker to execute arbitrary commands as root, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point...
CVE-2025-52690
CVE-2025-52690 describes a command injection vulnerability in the OmniAccess Stellar over UDP service. The available documents consistently indicate that exploitation could allow an attacker to execute arbitrary commands with root privileges, potentially compromising confidentiality, integrity, a...
CVE-2025-52689 Weak Session ID Check in the OmniAccess Stellar Web Management Interface
Successful exploitation of the vulnerability could allow an unauthenticated attacker to obtain a valid session ID with administrator privileges by spoofing the login request, potentially allowing the attacker to modify the behaviour of the access point...
CVE-2025-52689
CVE-2025-52689 affects Alcatel-Lucent OmniAccess Stellar Wi‑Fi APs (e.g., Stellar series) via a weak session ID check in the web management interface. The root cause allows an unauthenticated attacker to spoof a login and obtain a valid administrator session ID, potentially letting the attacker m...
CVE-2025-52688 Command Injection Vulnerability in the OmniAccess Stellar Web Management Interface
Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point...
CVE-2025-52688 Command Injection Vulnerability in the OmniAccess Stellar Web Management Interface
Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point...
CVE-2025-52687 JavaScript Injection Vulnerability in the OmniAccess Stellar Web Management Interface
Successful exploitation of the vulnerability could allow an attacker with administrator credentials for the access point to inject malicious JavaScript into the payload of web traffics, potentially leading to session hijacking and denial-of-service DoS...
CVE-2025-52687
The CVE-2025-52687 issue applies to Alcatel-Lucent OmniAccess Stellar products (Web Management Interface). Affected component: web management payload handling. Root cause described in sources as ability for an attacker with administrator credentials on the access point to inject malicious JavaScr...