CVE-2025-63353

Critical CVSS: 9.8

A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi password (WPA/WPA2 pre-shared key) to be predicted from the SSID. The device generates default passwords using a deterministic algorithm that derives the router passphrase from the SSID, enabling an attacker who can observe the SSID to predict the default password without authentication or user interaction.

Vendor

Fiberhome

Product

Hg6145f1 Firmware

CWE

CWE-284

Yayın Tarihi

2025-11-12 16:15:36

Güncelleme

2025-12-31 16:52:00

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-284 Hg6145f1 Firmware CRITICAL Fiberhome 2025

Referanslar

https://github.com/hanianis/CVE-2025-63353 https://medium.com/@hanianis.bouzid/fiberhome-gpon-onu-model-hg6145f1-router-predictable-wifi-passwords-and-real-risks-d8e54da385d3

Benzer Kayıtlar

Medium

CVE-2025-1616

A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected by t…

Medium

CVE-2025-1615

A vulnerability classified as problematic was found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this vulnerabil…

Medium

CVE-2025-1613

A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. It has been rated as problematic. This issue affects…

Medium

CVE-2025-1614

A vulnerability classified as problematic has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected is an unknown…