8.8 CVE-2025-53558
ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K.K. use a common credential for all installations. With the knowledge of the credential, an attacker may log in to the affected devices.
https://nvd.nist.gov/vuln/detail/CVE-2025-53558
Categories
CWE-1391 : Use of Weak Credentials
The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker. Chain: JavaScript-based cryptocurrency library can fall back to the insecure Math.random() function instead of reporting a failure (CWE-392), thus reducing the entropy (CWE-332) and leading to generation of non-unique cryptographic keys for Bitcoin wallets (CWE-1391) Remote Terminal Unit (RTU) uses default credentials for some SSH accounts Distributed Control System (DCS) uses a deterministic algorithm to generate utility passwords Remote Terminal Unit (RTU) uses a hard-coded SSH private key that is likely to be used in typical deployments microcontroller board has default password, allowing admin access data visualization/sharing package uses default secret keys or cookie values if they are not specified in environment variables UART interface for AI speaker uses empty password for root shell password manager does not generate cryptographically strong passwords, allowing prediction of passwords using guessable details such as time of generation password generator for cloud application has small length value, making it easier for brute-force guessing network-attached storage (NAS) system has predictable default passwords for a diagnostics/support account IT asset management app has a default encryption key that is the same across installations cloud cluster management product has a default master encryption key Installation script has a hard-coded secret token value, allowing attackers to bypass authentication Intrusion Detection System (IDS) uses the same static, private SSL keys for multiple devices and installations, allowing decryption of SSL traffic Residential gateway uses the last 5 digits of the 'Network Name' or SSID as the default WEP key, which allows attackers to get the key by sniffing the SSID, which is sent in the clear
References
vultures@jpcert.or.jp
CPE
| cpe | start | end |
|---|
REMEDIATION
EXPLOITS
Exploit-db.com
| id | description | date | |
|---|---|---|---|
| No known exploits | |||
POC Github
| Url |
|---|
| No known exploits |
Other Nist (github, ...)
| Url |
|---|
| No known exploits |
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| No entry | ||
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.
