CVE-2025-9994

Amp’ed RF · BT-AP 111

The Amp’ed RF BT-AP 111 Bluetooth access point features an HTTP admin interface that lacks authentication, permitting unauthorized access to any user on the network.

Executive summary

The Amp’ed RF BT-AP 111 Bluetooth access point is vulnerable to unauthorized administrative access due to a complete lack of authentication on its HTTP management interface.

Vulnerability

This is an authentication bypass vulnerability. The HTTP admin interface fails to verify user credentials, allowing any attacker with network connectivity to the device to access administrative functions.

Business impact

The lack of authentication on an administrative interface provides an attacker with full control over the access point's configuration. With a CVSS score of 9.8, this flaw could allow an attacker to intercept traffic, modify network settings, or pivot into internal networks, leading to severe data compromise and unauthorized access.

Remediation

Immediate Action: Update the device firmware to the latest available version provided by Amp’ed RF.

Proactive Monitoring: Review network traffic logs for unauthorized access attempts to the device’s administrative web interface.

Compensating Controls: Isolate the management interface of the BT-AP 111 on a dedicated, restricted VLAN and ensure it is not accessible from the public internet or untrusted internal network segments.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

This vulnerability is highly critical due to its simplicity and the high level of access granted to an attacker. Administrators must ensure that management interfaces are not exposed and that the device is updated immediately upon the release of a security patch.