- Description
- The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 ( CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) . This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.
- Source
- cve@takeonme.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.1
- Impact score
- 5.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Severity
- CRITICAL
- cve@takeonme.org
- CWE-306
- Hype score
- Not currently trending
🚨 Critical flaw (CVE-2025-3461): Quantenna Wi-Fi chips have unauthenticated telnet enabled by default. Update security settings! Details: https://t.co/V0inb3bAip #OffSeq #CVE2025 #IoTSecurity #CyberAlert https://t.co/VWjteySlHI
@offseq
9 Jun 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3461 The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and … https://t.co/BOdHAPJqnF
@CVEnew
8 Jun 2025
630 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-3461: CRITICAL] Quantenna Wi-Fi chips have an unauthenticated telnet interface by default, a security flaw known as CWE-306, with a CVSS score of 9.1. The issue remains unpatched in version 8.0.0.28.#cve,CVE-2025-3461,#cybersecurity https://t.co/6azj9st3pc https://t.co/
@CveFindCom
8 Jun 2025
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes