PT-2025-26527 · Yealink · Yealink Ymcs Rps
Jeroen Hermans
+1
·
Published
2025-06-10
·
Updated
2025-06-22
·
CVE-2025-52916
CVSS v3.1
2.2
Low
| Vector | AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Yealink YMCS RPS versions prior to 2025-06-04
Description:
The issue is related to the lack of SN verification attempt limits, which enables brute-force enumeration of the last five digits.
Recommendations:
For versions prior to 2025-06-04, update to a version released after 2025-06-04 to include SN verification attempt limits and prevent brute-force enumeration.
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Yealink Ymcs Rps