Sagemcom Router Insufficient Default PSK Entropy

`<!--  
# Exploit Title: Sagemcom router insufficient default PSK entropy  
# Date: 4-3-2019  
# Exploit Author: Ryan Delaney  
# Author Contact: [email protected]  
# Author LinkedIn: https://www.linkedin.com/in/infosecrd/  
# Vendor Homepage: https://www.sagemcom.com/  
# Software Link: N/A  
# Version: 0.4.39  
# Tested on: 0.4.39  
# CVE: CVE-2019-9555  
  
1. Description  
  
Sagemcom F@st 5260 routers on firmware version 0.4.39 (and possibly  
others), in WPA mode, default to using a PSK that is generated from a  
2-part wordlist of known values and a nonce with insufficient entropy. The  
number of possible PSKs is about 1.78 billion, which is too small.  
  
2. Wordlist / PoC  
  
A txt file has been created that contains every possible default PSK. It  
contains ~1.78 billion entries and is about 23.4 GB uncompressed.  
A 582 MB compressed 7z archive containing this txt file is available here:  
hxxps://drive[.]google[.]com/file/d/1PZ-enM6VO56tMzhl42OCPGpBiteSIVD-/view?usp=sharing  
  
3. Mitigation  
  
Change the default PSK key to a more secure key with greater entropy.  
-->  
  
  
`