CVE-2025-27797
CVE-2025-27797
In short
A Wi-Fi access point (AC-WPS-11ac series) allows attackers who log in to execute any operating system command they want. This bypasses normal security controls and gives complete control of the device.
Technical detail
OS command injection vulnerability (CWE-78) in AC-WPS-11ac Wi-Fi AP service allows authenticated remote attackers to execute arbitrary OS commands through unsanitized input. Attack vector requires valid login credentials; successful exploitation grants full system-level access and control over the affected device.
Summary generated and translated by AI from the official description.
OS command injection vulnerability in the specific service exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to the product.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Inaba Denki Sangyo Co., Ltd. · AC-PD-WPS-11acInaba Denki Sangyo Co., Ltd. · AC-PD-WPS-11ac-PInaba Denki Sangyo Co., Ltd. · AC-WPS-11acInaba Denki Sangyo Co., Ltd. · AC-WPS-11ac-PInaba Denki Sangyo Co., Ltd. · AC-WPSM-11acInaba Denki Sangyo Co., Ltd. · AC-WPSM-11ac-PWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →