Lucene search
K

9 matches found

Cvelist
Cvelist
added 2025/07/16 6:34 a.m.11 views

CVE-2025-52690 Command Injection Vulnerability in the OmniAccess Stellar over UDP Service

Successful exploitation of the vulnerability could allow an attacker to execute arbitrary commands as root, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point...

8.1CVSS0.09189EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/16 6:34 a.m.4 views

CVE-2025-52690 Command Injection Vulnerability in the OmniAccess Stellar over UDP Service

Successful exploitation of the vulnerability could allow an attacker to execute arbitrary commands as root, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point...

8.1CVSS7.4AI score0.09189EPSS
Exploits0References3
CVE
CVE
added 2025/07/16 6:34 a.m.17 views

CVE-2025-52690

CVE-2025-52690 describes a command injection vulnerability in the OmniAccess Stellar over UDP service. The available documents consistently indicate that exploitation could allow an attacker to execute arbitrary commands with root privileges, potentially compromising confidentiality, integrity, a...

8.1CVSS7.5AI score0.09189EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/16 6:30 a.m.10 views

CVE-2025-52689 Weak Session ID Check in the OmniAccess Stellar Web Management Interface

Successful exploitation of the vulnerability could allow an unauthenticated attacker to obtain a valid session ID with administrator privileges by spoofing the login request, potentially allowing the attacker to modify the behaviour of the access point...

9.8CVSS0.11008EPSS
Exploits1References3
CVE
CVE
added 2025/07/16 6:30 a.m.26 views

CVE-2025-52689

CVE-2025-52689 affects Alcatel-Lucent OmniAccess Stellar Wi‑Fi APs (e.g., Stellar series) via a weak session ID check in the web management interface. The root cause allows an unauthenticated attacker to spoof a login and obtain a valid administrator session ID, potentially letting the attacker m...

9.8CVSS6.5AI score0.11008EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/07/16 6:23 a.m.4 views

CVE-2025-52688 Command Injection Vulnerability in the OmniAccess Stellar Web Management Interface

Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point...

9.8CVSS6.8AI score0.22535EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/07/16 6:23 a.m.14 views

CVE-2025-52688 Command Injection Vulnerability in the OmniAccess Stellar Web Management Interface

Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point...

9.8CVSS0.22535EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/07/16 6:15 a.m.6 views

CVE-2025-52687 JavaScript Injection Vulnerability in the OmniAccess Stellar Web Management Interface

Successful exploitation of the vulnerability could allow an attacker with administrator credentials for the access point to inject malicious JavaScript into the payload of web traffics, potentially leading to session hijacking and denial-of-service DoS...

2.4CVSS0.00229EPSS
Exploits0References2
CVE
CVE
added 2025/07/16 6:15 a.m.17 views

CVE-2025-52687

The CVE-2025-52687 issue applies to Alcatel-Lucent OmniAccess Stellar products (Web Management Interface). Affected component: web management payload handling. Root cause described in sources as ability for an attacker with administrator credentials on the access point to inject malicious JavaScr...

2.4CVSS6.5AI score0.00229EPSS
Exploits0References2
Rows per page
Query Builder