AI description
CVE-2025-22936 is a vulnerability affecting Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi routers, specifically models SAM-4G1G-TT-W-VC and SAM-4F1F-TT-W-A1. The vulnerability allows remote attackers to obtain sensitive information due to a weak default WiFi password generation algorithm. An attacker could exploit this weakness from the network. This vulnerability was identified on January 9th, 2025 and publicly disclosed on February 6th, 2025. As of February 11th, 2025, the vulnerability is awaiting further analysis and no technical details or exploit code are publicly available. It's important to note that this information is current as of today's date and may change as more details become available.
- Description
- An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W-A1 allows a remote attacker to obtain sensitive information via the Weak default WiFi password generation algorithm in WiFi routers.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 5.7
- Impact score
- 3.6
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-1391
- Hype score
- Not currently trending
CVE-2025-22936: Smartcom Ralink routers use weak default WiFi password generation algorithm — advisory and PoC: https://t.co/IrvyzYHjxI, with @rgerganov If you're A1/Vivacom client, using defaults, change your WiFi PSK now.
@RealEnderSec
8 Feb 2025
4069 Impressions
0 Retweets
10 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22936 An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W-A1 allows a remote attacker to obtain sensitive information via the W… https://t.co/kDUOsuCMdH
@CVEnew
6 Feb 2025
328 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes