Medium severity4.3NVD Advisory· Published Jun 21, 2025· Updated Apr 15, 2026

CVE-2025-52919

Description

In Yealink RPS before 2025-05-26, the certificate upload function does not properly validate certificate content, potentially allowing invalid certificates to be uploaded.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

dnip.ch/2025/06/25/yealink-voip-phones-insecurity-by-design/nvd
seclists.org/fulldisclosure/2025/Jun/20nvd
support.yealink.com/en/portal/knowledge/shownvd
www.yealink.com/en/trust-center/security-advisories/ecb16a4993014d22nvd

News mentions

No linked articles in our index yet.

cvss	0.280
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000