CVE-2025-52919 MEDIUM

CVE-2025-52919

Vendor Yealink
Product RPS
Weakness CWE-295
Published June 21, 2025
Last update July 28, 2025

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

In Yealink RPS before 2025-05-26, the certificate upload function does not properly validate certificate content, potentially allowing invalid certificates to be uploaded.

Key dates

02Disclosure timeline

June 21, 2025 CVE published
July 28, 2025 Record updated

Related vulnerabilities

04Related CVE