Information Disclosure Vulnerability in Yealink YMCS RPS API
CVE-2025-52917
Currently unrated
What is CVE-2025-52917?
The Yealink YMCS RPS API prior to May 2025 lacks adequate rate limiting measures, potentially allowing attackers to exploit this weakness. Through excessive requests, unauthorized users could gain access to sensitive information, raising serious concerns regarding data security and privacy. It is advisable for users and administrators to review their API usage and implement necessary security measures to protect against potential data leakage.