CVE Vulnerabilities

CVE-2025-29525

Use of Default Credentials

Published: Aug 25, 2025 | Modified: Aug 26, 2025

CVSS 3.x

N/A

Source:

NVD

CVSS 2.x

RedHat/V2

RedHat/V3

Ubuntu

Vulnerability-free packages from our partners

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-29525
CWE	https://cwe.mitre.org/data/definitions/1392.html

DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was discovered to contain insecure default credentials in the modems control panel.

Weakness

The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

Potential Mitigations

References

https://gist.github.com/stevenyu113228/20ecc24a10e2b1b7038634b838503d7c

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.