CVE-2025-52919

Summary

In Yealink RPS before 2025-05-26, the certificate upload function does not properly validate certificate content, potentially allowing invalid certificates to be uploaded.

Affected Software

VendorProductVersion RangeStatus
YealinkRPS0 < 2025-05-26affected

Weaknesses

  • CWE-295: CWE-295 Improper Certificate Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References