CVE-2025-52689 PoC — Weak Session ID Check in the OmniAccess Stellar Web Management Interface

Associated Vulnerability
Title: Weak Session ID Check in the OmniAccess Stellar Web Management Interface (CVE-2025-52689)
Description: Successful exploitation of the vulnerability could allow an unauthenticated attacker to obtain a valid session ID with administrator privileges by spoofing the login request, potentially allowing the attacker to modify the behaviour of the access point.
Readme
# CVE-2025-52689 PoC Code

PoC code for CVE-2025-52689 Alcatel-Lucent Enterprise AP1361D Wi-Fi Access Point Authentication Bypass Vulnerability.

This POC was developed for the SpiritCyber 2024 competition held during Singapore International Cyber Week 2024.

## Usage

1. Install requirements with `pip install -r requirements.txt`

2. Open `exp.py` and modify the `base` variable to the base address of the router's web interface (e.g. `10.0.0.1:443`)

3. Run `exp.py` with `python exp.py`

The POC first sends the payload to obtain a valid session, then sends another packet to add the MAC address `DE:AD:BE:EF:10:01` to the client blacklist.

The returned session ID is valid for any web interface request, including changing passwords, resetting the router, etc.

A detailed writeup can be found [here](https://blog.uhg.sg/article/24.html).
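
For defenders, an added example that is not part of the PoC or the original README: since the PoC leaves `DE:AD:BE:EF:10:01` in the client blacklist, a blacklist export can be scanned for that marker in any common MAC notation. The export format, the sample lines (constructed) and the names `normalize_mac`, `find_poc_marker` and `SAMPLE_EXPORT` are assumptions.

```python
import re

# Marker MAC that the README says the PoC adds to the client blacklist.
POC_MARKER = "DE:AD:BE:EF:10:01"

# MAC-like tokens: colon/hyphen pairs, dotted quads, or 12 bare hex digits.
MAC_TOKEN = re.compile(
    r"(?<![0-9A-Fa-f])(?:"
    r"[0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5}"
    r"|[0-9A-Fa-f]{4}(?:\.[0-9A-Fa-f]{4}){2}"
    r"|[0-9A-Fa-f]{12}"
    r")(?![0-9A-Fa-f])"
)


def normalize_mac(token):
    """Return the MAC as upper-case colon-separated octets, or None if malformed."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", token).upper()
    if len(digits) != 12:
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def find_poc_marker(text):
    """Return (line number, line) for every line containing the PoC marker MAC."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in MAC_TOKEN.finditer(line):
            if normalize_mac(match.group(0)) == POC_MARKER:
                hits.append((lineno, line.strip()))
                break  # one hit per line is enough
    return hits


# Constructed sample of a client blacklist export (format is an assumption).
SAMPLE_EXPORT = """\
# constructed sample: client blacklist export, one entry per line
blacklist 00:11:22:33:44:55 reason=manual
blacklist de-ad-be-ef-10-01 reason=manual
blacklist dead.beef.1002 reason=manual
blacklist DEADBEEF1001
"""

if __name__ == "__main__":
    for lineno, line in find_poc_marker(SAMPLE_EXPORT):
        print(f"line {lineno}: PoC marker MAC present -> {line}")
```

The marker only identifies an unmodified run of this PoC; its absence says nothing about other requests made with a forged session ID.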
File Snapshot

[4.0K] /data/pocs/5e04fa9a28baa3fedbb7e2353ca6860125769d77
├── [3.3K] exp.py
├── [ 868] README.md
└── [ 17] requirements.txt

0 directories, 3 files