CVE-2025-10159

Summary

An authentication bypass vulnerability allows remote attackers to gain administrative privileges on Sophos AP6 Series Wireless Access Points older than firmware version 1.7.2563 (MR7).

Affected Software

VendorProductVersion RangeStatus
SophosAP6 Series Wireless Access Points0 < 1.7.2563 (MR7)affected

Weaknesses

  • CWE-620: CWE-620 Unverified Password Change

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References