PT-2026-45994

Mercusys AC12G EU V1 router with firmware AC12GEU V1 200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials including admin password, WiFi PSK, and DDNS credentials...

EUVD-2026-34145

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials including admin password, WiFi PSK, and DDNS credentials...

CVE-2026-34474

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling...

Exploit for Improper Access Control in Fiberhome Hg6145F1_Firmware

FiberHome Wi-Fi Password Predictor CVE-2025-63353 A Python...

EUVD-2025-209375

In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs...

PYSEC-2026-135

In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs...

CVE-2026-34472

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

CVE-2020-37150

Edimax EW-7438RPn-v3 Mini 1.27 allows unauthenticated attackers to access the /wizardreboot.asp page in unsetup mode, which discloses the Wi-Fi SSID and security key. Attackers can retrieve the wireless password by sending a GET request to this endpoint, exposing sensitive information without...

CVE-2026-1329 Tenda AX1803 WifiGuestSet fromGetWifiGuestBasic stack-based overflow

A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be...

EUVD-2025-202407

Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II version 1.17478.146 allows attackers in Wi-Fi range to gain access to the dongle by calculating the default password from observable device identifiers...

Vodafone H500s 安全漏洞

Vodafone H500s is a WiFi router from Vodafone UK. A security vulnerability exists in Vodafone H500s version v3.5.10 that originates from an unauthenticated HTTP endpoint exposing the WiFi password, which could lead to unauthorized access to the wireless network...

CVE-2025-63353

A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi password WPA/WPA2 pre-shared key to be predicted from the SSID. The device generates default passwords using a deterministic algorithm that derives the router passphrase from the SSID, enabling an...

FiberHome GPON ONU HG6145F1 安全漏洞

The FiberHome GPON ONU HG6145F1 is a router from FiberHome China. A security vulnerability exists in the FiberHome GPON ONU HG6145F1 RP4423, which stems from the device's use of a deterministic algorithm to generate a default WiFi password, which could lead an attacker to predict the password...

BUFFALO WSR-1800AX4 Series 安全漏洞

BUFFALO WSR-1800AX4 Series is a series of WiFi routers from BUFFALO Japan. A security vulnerability exists in the BUFFALO WSR-1800AX4 Series that stems from an insufficient password hash calculation, which could lead to the PIN and Wi-Fi password being obtained by an attacker...

CVE-2025-56675

The CVE-2025-56675 entry concerns the EKEN video doorbell T6 BT60PLUS_MAIN_V1.0_GC1084_20230531, where the device periodically sends debug logs to EKEN cloud servers that include sensitive data such as the Wi‑Fi SSID and password. Public documents from Red Hat and others corroborate the issue as ...

CVE-2023-30354

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access...

CVE-2020-6864

ZTE E8820V3 router product is impacted by an information leak vulnerability. Attackers could use this vulnerability to to gain wireless passwords. After obtaining the wireless password, the attacker could collect information and attack the router...

CVE-2020-15834

An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std devices. The wireless network password is exposed in a QR encoded picture that an unauthenticated adversary can download via the web-management interface...

Airtel Xstream 安全漏洞

Airtel Xstream is a streaming controller from Airtel India. A security vulnerability exists in Airtel Xstream 20250123 and earlier versions, which stems from the use of weak credentials by the WiFi Password Handler component, resulting in an attack that can be carried out on the local network...

PT-2025-5873 · Bharti Airtel · Bharti Airtel Xstream Fiber

Name of the Vulnerable Software and Affected Versions: Bharti Airtel Xstream Fiber up to 20250123 Description: A vulnerability was found in the WiFi Password Handler component, leading to the use of weak credentials. The attack must be done within the local network and has a high complexity, maki...