1. Home
  2. CVE Database
  3. CVE-2025-3461
CRITICAL · 9.1

CVE-2025-3461

The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 (CVSS...

Vulnerability Description

The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.

CVSS Score

9.1

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
OnsemiQhs710 Firmware-
OnsemiQhs710-
OnsemiQsr10Ga Firmware-
OnsemiQsr10Ga-
OnsemiQsr10Gu Firmware-
OnsemiQsr10Gu-
OnsemiQv840 Firmware-
OnsemiQv840-
OnsemiQv840C Firmware-
OnsemiQv840C-
OnsemiQv860 Firmware-
OnsemiQv860-
OnsemiQv940 Firmware-
OnsemiQv940-
OnsemiQv942C Firmware-
OnsemiQv942C-
OnsemiQv952C Firmware-
OnsemiQv952C-
OnsemiQcs-Ax2-S5 Firmware-
OnsemiQcs-Ax2-S5-

Related Weaknesses (CWE)

CWE-306

References

FAQ

What is CVE-2025-3461?

CVE-2025-3461 is a vulnerability with a CVSS score of 9.1 (CRITICAL). The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 (CVSS...

How severe is CVE-2025-3461?

CVE-2025-3461 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-3461?

Check the references section above for vendor advisories and patch information. Affected products include: Onsemi Qhs710 Firmware, Onsemi Qhs710, Onsemi Qsr10Ga Firmware, Onsemi Qsr10Ga, Onsemi Qsr10Gu Firmware.