CVE-2024-25729
HIGHArris SBG6580 - Weak Password Requirements via Predictable WPA2 Default Credentials
Title source: llmDescription
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to unauthorized remote access. (They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last octet.)
References (4)
Core 4
Core References
Various Sources
https://github.com/actuator/cve/blob/main/Arris/CVE-2024-25729
Various Sources
https://i.ebayimg.com/images/g/DhoAAOSwx0FbhhcN/s-l1600.jpg
Various Sources
https://i.ebayimg.com/images/g/z2oAAOSwO1pbQ9BS/s-l1600.jpg
Scores
CVSS v3
8.8
EPSS
0.0049
EPSS Percentile
37.8%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-521
Status
published
Published
Mar 08, 2024
Tracked Since
Feb 18, 2026