CVE-2025-23407 MEDIUM

CVE-2025-23407

Vendor Inaba Denki Sangyo Co., Ltd.
Product AC-WPS-11ac
Weakness CWE-266
Published April 9, 2025
Last update April 9, 2025

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

Incorrect privilege assignment vulnerability in the WEB UI (the setting page) exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, a remote attacker who can log in to the product may alter the settings without appropriate privileges.

Key dates

02Disclosure timeline

April 9, 2025 CVE published
April 9, 2025 Record updated

Related vulnerabilities

04Related CVE