CVE-2025-3461
Severity CVSS v4.0:
Pending analysis
Type:
CWE-306
Missing Authentication for Critical Function
Publication date:
08/06/2025
Last modified:
13/01/2026
Description
The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).<br />
This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record&#39;s first publishing, though the vendor has released a best practices guide for implementors of this chipset.
Impact
Base Score 3.x
9.10
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:onsemi:qhs710_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qhs710:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qsr10ga_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qsr10ga:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qsr10gu_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qsr10gu:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qv840_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qv840:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qv840c_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qv840c:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qv860_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qv860:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qv940_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:onsemi:qv940:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:onsemi:qv942c_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page