CVE-2026-45433

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

EUVD-2026-34251

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

EUVD-2026-34250

This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...

PT-2026-21553

Name of the Vulnerable Software and Affected Versions GCOM EPON 1GE ONU version C00R371V00B01 Description The software suffers from improper session management, which enables attackers to hijack user sessions. This is achieved by spoofing the IP address of an authenticated user. Recommendations...

CVE-2025-71056

The CVE-2025-71056 entry concerns GCOM EPON 1GE ONU, version C00R371V00B01, with improper session management that allows session hijacking by spoofing the IP address of an authenticated user. The connected sources (NVD/CVE records) confirm the vulnerability description but do not provide specific...

CVE-2025-70545

A stored cross-site scripting XSS vulnerability exists in the web management interface of the PPC Belden ONT 2K05X router running firmware v1.1.9206L. The Common Gateway Interface CGI component improperly handles user-supplied input, allowing a remote, unauthenticated attacker to inject arbitrary...

EUVD-2025-206613

The unified WEBUI application of the ONT/Beacon device contains an input handling flaw that allows authenticated users to trigger unintended system-level command execution. Due to insufficient validation of user-supplied data, a low-privileged authenticated attacker may be able to execute arbitra...

EUVD-2022-55925

JM-DATA ONU JF511-TV version 1.0.67 uses default credentials that allow attackers to gain unauthorized access to the device with administrative privileges...

CVE-2025-63353

A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi password WPA/WPA2 pre-shared key to be predicted from the SSID. The device generates default passwords using a deterministic algorithm that derives the router passphrase from the SSID, enabling an...

EUVD-2021-27299

Malware in sbrugna...

EUVD-2025-27466

Malicious code in bioql PyPI...

EUVD-2025-27470

Malicious code in bioql PyPI...

CVE-2025-54084

OS Command 'OS Command Injection' vulnerability in Calix GigaCenter ONT Quantenna SoC modules allows authenticated attackers with 'super' user credentials to execute arbitrary OS commands through improper input validation, potentially leading to full system compromise.This issue affects GigaCente...

CVE-2025-54084

CVE-2025-54084 refers to an OS Command Injection in Calix GigaCenter ONT (Quantenna SoC modules). The vulnerability arises from improper input validation in the OS command pathway, allowing authenticated attackers with super credentials to execute arbitrary OS commands, potentially leading to ful...

CVE-2025-7635 Calix GigaCenter ONT - Unauthenticated Telnet

Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT allows root access.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE...

CVE-2025-53914

CVE-2025-53914 affects Calix GigaCenter ONT devices with Broadcom SoCs (models 844E, 844G, 844GE, 854GE, 812G, 813G, 818G). The issue is an excessive privileges vulnerability allowing privilege abuse due to a privilege escalation/root cause described as privilege abuse. CVSS-based notes in source...

PT-2025-36956

Name of the Vulnerable Software and Affected Versions: Calix GigaCenter ONT versions 844E Calix GigaCenter ONT versions 844G Calix GigaCenter ONT versions 844GE Calix GigaCenter ONT versions 854GE Description: An unauthenticated Telnet access issue exists in Calix GigaCenter ONT, allowing root...

Calix GigaCenter ONT Series 安全漏洞

Calix GigaCenter ONT Series is a series of optical network terminals from Calix USA. A security vulnerability exists in the Calix GigaCenter ONT Series that originates from a common user being able to abuse elevated privileges. The following products and versions are affected: GigaCenter ONT 844E...

Calix GigaCenter ONT Series 安全漏洞

Calix GigaCenter ONT Series is a series of optical network terminals from Calix USA. A security vulnerability exists in the Calix GigaCenter ONT Series that originates from a common user being able to abuse elevated privileges. The following products and versions are affected: GigaCenter ONT 844E...

Calix GigaCenter ONT Series 安全漏洞

The Calix GigaCenter ONT Series is a series of optical network terminals from Calix USA. A security vulnerability exists in the Calix GigaCenter ONT Series 844E version, 844G version, 844GE version, and 854GE version, which stems from the insecure storage of sensitive information and could lead t...