Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-3461— ON Semiconductor Quantenna Telnet Missing Authentication

CVSS 9.1 · Critical EPSS 0.31% · P54
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-3461

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
ON Semiconductor Quantenna Telnet Missing Authentication
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
关键功能的认证机制缺失
Source: NVD (National Vulnerability Database)
Vulnerability Title
Quantenna Communications Quantenna Wi-Fi chipset 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Quantenna Communications Quantenna Wi-Fi chipset是美国Quantenna Communications公司的一个WiFi芯片。 Quantenna Communications Quantenna Wi-Fi chipset 8.0.0.28及之前版本存在安全漏洞,该漏洞源于未认证telnet接口,可能导致未授权访问。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
ON SemiconductorQuantenna Wi-Fi chipset 0 ~ 8.0.0.28 -

II. Public POCs for CVE-2025-3461

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-3461

登录查看更多情报信息。

Same Patch Batch · ON Semiconductor · 2025-06-08 · 8 CVEs total

CVE-2025-34607.7 HIGHON Semiconductor Quantenna set_tx_pow Argument Injection
CVE-2025-34597.7 HIGHON Semiconductor Quantenna transmit_file Argument Injection
CVE-2025-324577.7 HIGHON Semiconductor Quantenna router_command.sh (in the get_file_from_qtn argument) Argument
CVE-2025-324557.7 HIGHON Semiconductor Quantenna router_command.sh (in the run_cmd argument) Argument Injection
CVE-2025-324587.7 HIGHON Semiconductor Quantenna router_command.sh (in the get_syslog_from_qtn argument) Argumen
CVE-2025-324597.7 HIGHON Semiconductor Quantenna router_command.sh (in the sync_time argument) Argument Injectio
CVE-2025-324567.7 HIGHON Semiconductor Quantenna router_command.sh (in the put_file_to_qtn argument) Argument In

IV. Related Vulnerabilities

Same product: Quantenna Wi-Fi chipset
Same vendor: ON Semiconductor
Same weakness: CWE-306

V. Comments for CVE-2025-3461

No comments yet

Leave a comment