Description

Missing authentication for critical function vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If exploited, a remote unauthenticated attacker may obtain the product configuration information including authentication information.

Classification

CVE ID: CVE-2025-29870

CVSS Base Severity: HIGH

CVSS Base Score: 7.5

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor: Inaba Denki Sangyo Co., Ltd., Inaba Denki Sangyo Co., Ltd., Inaba Denki Sangyo Co., Ltd., Inaba Denki Sangyo Co., Ltd., Inaba Denki Sangyo Co., Ltd., Inaba Denki Sangyo Co., Ltd.

Product: AC-WPS-11ac, AC-WPS-11ac-P, AC-WPSM-11ac, AC-WPSM-11ac-P, AC-PD-WPS-11ac, AC-PD-WPS-11ac-P

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (probability of being exploited)

EPSS Percentile: 18.58% (scored less or equal to compared to others)

EPSS Date: 2025-04-21 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-29870
https://www.inaba.co.jp/abaniact/news/security_20250404.pdf
https://jvn.jp/en/vu/JVNVU93925742/

Timeline