Sophos AP6 Series Wireless Access Points Authentication Bypass Vulnerability Granting Administrative Privileges

Vulnerability

An authentication bypass vulnerability has been identified in Sophos AP6 Series Wireless Access Points running firmware prior to version 1.7.2563 (MR7). This vulnerability allows remote attackers to gain administrative privileges on the access points by exploiting the management IP address.

Impact

Exploitation of this vulnerability allows remote attackers to bypass authentication and gain administrative privileges on the affected access points.

Remediation

Users of Sophos AP6 Series Wireless Access Points should upgrade to version 1.7.2563 (MR7) or later. Customers using the default updating policy will receive this update automatically. Those who have opted out of automatic updates must manually upgrade to the latest version.
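To act on the remediation guidance across a fleet, the following added example (not Sophos code and not part of the original advisory) triages an access point inventory against the fixed version 1.7.2563. The CSV layout, column names and sample rows are constructed assumptions; adapt them to whatever export your management platform provides.

```python
import csv
import io
import re

FIXED = (1, 7, 2563)  # first fixed firmware per the advisory: 1.7.2563 (MR7)

# Constructed sample inventory; hostnames, columns and rows are assumptions.
SAMPLE_INVENTORY = """\
hostname,model,firmware,auto_update
ap-lobby,AP6 420,1.7.2563 (MR7),yes
ap-floor2,AP6 840,1.7.2441,no
ap-lab,AP6 420E,1.6.999,yes
ap-store,AP6 840E,unknown,no
ap-legacy,APX 320,2.3.4,yes
ap-roof,AP6 420X,1.10.12,no
"""

def parse_version(text):
    """Return (major, minor, build) as integers, or None if unparseable."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)\b", text)
    return tuple(int(p) for p in m.groups()) if m else None

def classify(row):
    """Classify one inventory row against the advisory's fixed version."""
    if not row["model"].upper().startswith("AP6"):
        return "out-of-scope"  # advisory covers the AP6 Series only
    version = parse_version(row["firmware"])
    if version is None:
        return "verify-manually"  # never assume an unreadable version is patched
    # Tuple comparison is numeric, so 1.10.x sorts above 1.7.x
    # (a plain string comparison would get this wrong).
    if version >= FIXED:
        return "patched"
    # Below the fix: the default policy delivers the update automatically,
    # while units opted out of automatic updates need a manual upgrade.
    if row["auto_update"].strip().lower() == "yes":
        return "pending-auto-update"
    return "upgrade-manually"

def audit(inventory_csv):
    """Map each hostname in the CSV text to its remediation status."""
    reader = csv.DictReader(io.StringIO(inventory_csv))
    return {r["hostname"]: classify(r) for r in reader}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host:10} {status}")
```

Devices reported as pending-auto-update should be rechecked until they actually show 1.7.2563 or later.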

Added: Sep 9, 2025, 9:40 PM
Updated: Sep 9, 2025, 9:40 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 7.4
remediation: 7.7
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.