98 matches found
CVE-2025-3461 ON Semiconductor Quantenna Telnet Missing Authentication
The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. This issue affects Quantenna Wi-Fi chipset through versi...
CVE-2025-3461 ON Semiconductor Quantenna Telnet Missing Authentication
The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N...
CVE-2025-3460 ON Semiconductor Quantenna set_tx_pow Argument Injection
The Quantenna Wi-Fi chipset ships with a local control script, settxpow, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...
CVE-2025-3460
The CVE-2025-3460 issue affects Quantenna Wi‑Fi chipsets via the SDK up to version 8.0.0.28. A local command-injection vulnerability exists in the local control scripts (set_tx_pow; router_command.sh in the sync_time/get_syslog_from_qtn arguments), classified as CWE-88 (Argument Injection). CVSS ...
CVE-2025-3460 ON Semiconductor Quantenna set_tx_pow Argument Injection
The Quantenna Wi-Fi chipset ships with a local control script, settxpow, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS...
CVE-2025-3459
The CVE refers to the Quantenna Wi‑Fi chipset where the local control script transmit_file is vulnerable to command injection (CWE-88). Affected products include Quantenna Wi‑Fi chipset up to version 8.0.0.28 of the latest SDK. The issue is described with CVSS 7.7–7.8 metrics (LOCAL attacker, low...
CVE-2025-3459 ON Semiconductor Quantenna transmit_file Argument Injection
The Quantenna Wi-Fi chipset ships with a local control script, transmitfile, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...
CVE-2025-3459 ON Semiconductor Quantenna transmit_file Argument Injection
The Quantenna Wi-Fi chipset ships with a local control script, transmitfile, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command 'Argument Injection'," and is estimated as a CVSS 7.7...
Quantenna Communications Quantenna Wi-Fi chipset 安全漏洞
Quantenna Communications Quantenna Wi-Fi chipset is a WiFi chip from Quantenna Communications, USA. A security vulnerability exists in Quantenna Communications Quantenna Wi-Fi chipset version 8.0.0.28 and earlier, which originates from a command injection in the getfilefromqtn parameter in the...
Quantenna Communications Quantenna Wi-Fi chipset 安全漏洞
Quantenna Communications Quantenna Wi-Fi chipset is a WiFi chip from Quantenna Communications, Inc. A security vulnerability exists in Quantenna Communications Quantenna Wi-Fi chipset version 8.0.0.28 and earlier, which originates from a command injection and could lead to arbitrary command...
Quantenna Communications Quantenna Wi-Fi chipset 安全漏洞
Quantenna Communications Quantenna Wi-Fi chipset is a WiFi chip from Quantenna Communications, USA. A security vulnerability exists in Quantenna Communications Quantenna Wi-Fi chipset version 8.0.0.28 and earlier, which originates from a command injection in the putfiletoqtn parameter in the...
Quantenna Communications Quantenna Wi-Fi chipset 安全漏洞
Quantenna Communications Quantenna Wi-Fi chipset is a WiFi chip from Quantenna Communications, USA. A security vulnerability exists in Quantenna Communications Quantenna Wi-Fi chipset version 8.0.0.28 and earlier, which originates from a command injection in the getsyslogfromqtn parameter in the...
Quantenna Communications Quantenna Wi-Fi chipset 安全漏洞
The Quantenna Communications Quantenna Wi-Fi chipset is a WiFi chip from Quantenna Communications, Inc. A security vulnerability exists in Quantenna Communications Quantenna Wi-Fi chipset version 8.0.0.28 and earlier, which originates from a command injection and could lead to arbitrary command...
PT-2025-24375 · Quantenna · Quantenna Wi-Fi Chipset
Name of the Vulnerable Software and Affected Versions: Quantenna Wi-Fi chipset versions through 8.0.0.28 Description: The issue concerns an unauthenticated telnet interface that ships by default with the Quantenna Wi-Fi chips, classified as CWE-306, "Missing Authentication for Critical Function."...
Quantenna Communications Quantenna Wi-Fi chipset 安全漏洞
Quantenna Communications Quantenna Wi-Fi chipset is a WiFi chip from Quantenna Communications, USA. A security vulnerability exists in Quantenna Communications Quantenna Wi-Fi chipset version 8.0.0.28 and earlier, which originates from a command injection in the synctime parameter of the...
Quantenna Communications Quantenna Wi-Fi chipset 安全漏洞
Quantenna Communications Quantenna Wi-Fi chipset is a WiFi chip from Quantenna Communications, USA. A security vulnerability exists in Quantenna Communications Quantenna Wi-Fi chipset version 8.0.0.28 and prior versions, which originates from an unauthenticated telnet interface and could lead to...
Quantenna Communications Quantenna Wi-Fi chipset 安全漏洞
Quantenna Communications Quantenna Wi-Fi chipset is a WiFi chip from Quantenna Communications, USA. A security vulnerability exists in Quantenna Communications Quantenna Wi-Fi chipset version 8.0.0.28 and earlier, which originates from a command injection in the runcmd parameter of the...
CVE-2018-15556
The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers...
CVE-2018-15557
An issue was discovered in the Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 devices. An attacker can statically set his/her IP to anything on the 169.254.1.0/24 subnet, and obtain root access by connecting to 169.254.1.2 port 23 with telnet/netcat...
PT-2025-24373
Name of the Vulnerable Software and Affected Versions Quantenna Wi-Fi chipset versions prior to 8.0.0.28 Description The Quantenna Wi-Fi chipset ships with a local control script, transmit file, that is vulnerable to command injection. This issue is an instance of CWE-88, "Improper Neutralization...