CVE-2025-1081

Feb. 6, 2025, 9:15 p.m.

3.1
Low

Description

A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Password Handler. The manipulation leads to use of weak credentials. The attack needs to be done within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. The vendor was contacted early about this disclosure but did not respond in any way.

Product(s) Impacted

Product Versions
Bharti Airtel Xstream Fiber
  • ['up to 20250123']

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-1391
Use of Weak Credentials
The product uses weak credentials (such as a default key or hard-coded password) that can be calculated, derived, reused, or guessed by an attacker.

References

https://packetstorm.news/files/id/188799/
https://vuldb.com/?ctiid.294857
https://vuldb.com/?id.294857
https://vuldb.com/?submit.488582

Tags

cna@vuldb.com
CWE-1391
2025-02-06
CVE-2025-1081

CVSS Score

3.1 / 10

CVSS Data - 3.1

  • Attack Vector: ADJACENT_NETWORK
  • Attack Complexity: HIGH
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: LOW
  • Integrity Impact: NONE
  • Availability Impact: NONE

    • CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

    View Vector String

Timeline

Published: Feb. 6, 2025, 9:15 p.m.
Last Modified: Feb. 6, 2025, 9:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cna@vuldb.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.