{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T21:13:43.546","vulnerabilities":[{"cve":{"id":"CVE-2025-63353","sourceIdentifier":"cve@mitre.org","published":"2025-11-12T16:15:36.877","lastModified":"2025-12-31T16:52:00.467","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi password (WPA/WPA2 pre-shared key) to be predicted from the SSID. The device generates default passwords using a deterministic algorithm that derives the router passphrase from the SSID, enabling an attacker who can observe the SSID to predict the default password without authentication or user interaction."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fiberhome:hg6145f1_firmware:rp4423:*:*:*:*:*:*:*","matchCriteriaId":"B68E84B5-2FA9-45C0-8658-39410255B3A6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fiberhome:hg6145f1:-:*:*:*:*:*:*:*","matchCriteriaId":"00C7C3CF-1C86-4F48-AA7B-4E1330399E95"}]}]}],"references":[{"url":"https://github.com/hanianis/CVE-2025-63353","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://medium.com/@hanianis.bouzid/fiberhome-gpon-onu-model-hg6145f1-router-predictable-wifi-passwords-and-real-risks-d8e54da385d3","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]}]}}]}