Description

Information disclosure of authentication information in the specific service vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, a remote unauthenticated attacker may obtain the product authentication information.

Classification

CVE ID: CVE-2025-27934

CVSS Base Severity: HIGH

CVSS Base Score: 7.5

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor: Inaba Denki Sangyo Co., Ltd., Inaba Denki Sangyo Co., Ltd., Inaba Denki Sangyo Co., Ltd., Inaba Denki Sangyo Co., Ltd., Inaba Denki Sangyo Co., Ltd., Inaba Denki Sangyo Co., Ltd.

Product: AC-WPS-11ac, AC-WPS-11ac-P, AC-WPSM-11ac, AC-WPSM-11ac-P, AC-PD-WPS-11ac, AC-PD-WPS-11ac-P

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (probability of being exploited)

EPSS Percentile: 18.58% (scored less or equal to compared to others)

EPSS Date: 2025-04-21 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-27934
https://www.inaba.co.jp/abaniact/news/security_20250404.pdf
https://jvn.jp/en/vu/JVNVU93925742/

Timeline