Main Vulnerability Database Vulnerabilities #VU115077

#VU115077 Improper authentication in AP6 Series Wireless Access Points - CVE-2025-10159

Published: September 9, 2025

Vulnerability identifier: #VU115077

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2025-10159

CWE-ID: CWE-287

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
AP6 Series Wireless Access Points

Software vendor:
Sophos

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in the authentication process. A remote attacker with access to the access point’s management IP address can bypass authentication process and gain unauthorized access to the device.

Remediation

Install updates from vendor's website.

External links

https://www.sophos.com/en-us/security-advisories/sophos-sa-20250909-ap6

#VU115077 Improper authentication in AP6 Series Wireless Access Points - CVE-2025-10159

Description

Remediation

External links

Please verify you're human