CVE-2024-25729

High

Description

Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to unauthorized remote access. (They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last octet.)

References

https://i.ebayimg.com/images/g/z2oAAOSwO1pbQ9BS/s-l1600.jpg

https://i.ebayimg.com/images/g/DhoAAOSwx0FbhhcN/s-l1600.jpg

https://github.com/actuator/cve/blob/main/Arris/SBG6580.png

https://github.com/actuator/cve/blob/main/Arris/CVE-2024-25729

Details

Source: Mitre, NVD

Published: 2024-03-08

Updated: 2024-08-01

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High