How to fix CVE-2025-52916?

During next maintenance window: Apply vendor patches when convenient. Monitor vendor channels for updates.

Is Yealink RPS affected by CVE-2025-52916?

CVE-2025-52916 is a low-severity vulnerability (CVSS 2.2). The limited severity suggests constrained impact, typically requiring specific conditions or local access for exploitation. Apply vendor updates when available as part of routine maintenance.

Yealink RPS CVE-2025-52916

EUVD-2025-19547 LOW

Improper Restriction of Excessive Authentication Attempts (CWE-307)

2025-06-21 [email protected]

Information Disclosure

2.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Lifecycle Timeline

Patch available

Apr 16, 2026 - 05:29 EUVD

2025-06-04

Analysis Generated

Mar 15, 2026 - 21:35 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 21:35 euvd

EUVD-2025-19547

CVE Published

Jun 21, 2025 - 23:15 nvd

LOW 2.2

DescriptionNVD

Yealink RPS before 2025-06-04 lacks SN verification attempt limits, enabling brute-force enumeration (last five digits).

AnalysisAI

A remote code execution vulnerability (CVSS 2.2). Remediation should follow standard vulnerability management procedures.

Technical ContextAI

CWE-307 (Brute-Force Weakness).

RemediationAI

Monitor vendor channels for patch availability.

CVE-2025-52916 vulnerability details – vuln.today

Back

Yealink RPS CVE-2025-52916

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code