CVE-2019-9555

MEDIUM

Sagemcom F@st 5260 - Info Disclosure

Title source: llm

Description

Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.

References (1)

[Mailing List, Mitigation, Third Party Advisory] https://seclists.org/fulldisclosure/2019/Mar/12

Scores

CVSS v3 5.3

EPSS 0.0024

EPSS Percentile 47.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-331

Status published

Products (1)

sagemcom/f\@st_5260_firmware 0.4.39

Published Mar 05, 2019

Tracked Since Feb 18, 2026