CNNVD-202512-3882 Information

CNNVD ID

CNNVD-202512-3882

Related CVE

CVE-2025-68644

• CNNVD Published: 2025-12-21

Description (Chinese)

Yealink RPS是中国亿联（Yealink）公司的一款重定向与配置服务软件。 Yealink RPS 2025-06-27之前版本存在安全漏洞，该漏洞源于未授权访问机制缺陷，可能导致信息泄露。

Description (English)

Yealink RPS is a re-directed and configured service software for the company Yealink. Before Yealink RPS 2025-06-27, there was a security loophole, which stemmed from deficiencies in unauthorized access mechanisms and could lead to the disclosure of information.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

亿联

Published

2025-12-21

Last Modified

2026-02-24

References

https://www.yealink.com/website-service/download/Yealink_RPS_Security_Remediation_Verification_Report.pdf https://www.yealink.com/en/trust-center/security-bulletins/yealink-unauthorized-access-to-rps-vulnerability https://access.redhat.com/security/cve/cve-2025-68644

Patch

https://www.yealink.com/en/trust-center/security-bulletins/yealink-unauthorized-access-to-rps-vulnerability