Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Mon, 22 Dec 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 21 Dec 2025 03:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Yealink RPS before 2025-06-27 allows unauthorized access to information, including AutoP URL addresses. This was fixed by deploying an enhanced authentication mechanism through a security update to all cloud instances. | |
| Weaknesses | CWE-290 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-12-22T20:18:54.366Z
Reserved: 2025-12-21T03:01:54.706Z
Link: CVE-2025-68644
Updated: 2025-12-22T20:18:50.616Z
Status : Deferred
Published: 2025-12-21T04:16:05.270
Modified: 2026-06-17T09:59:22.387
Link: CVE-2025-68644
No data.
OpenCVE Enrichment
No data.