CVE-2025-22936

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Feb 6, 2025

Updated: Feb 12, 2025

CWE ID 1391

Summary

CVE-2025-22936 is a vulnerability affecting Smartcom Bulgaria's AD Smartcom Ralink CPE/WiFi routers, specifically the SAM-4G1G-TT-W-VC and SAM-4F1F-TT-W-A1 models. The weakness lies in the WiFi password generation algorithm, which is too weak, enabling remote attackers to gain access to sensitive information. This vulnerability poses a significant risk, as default passwords are often left unchanged, making it easier for attackers to exploit this issue and infiltrate networks. Users are strongly advised to update their routers with the latest firmware and change their default passwords to secure their networks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database