CVE-2025-29525
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-25

Last updated on: 2025-08-26

Assigner: MITRE

Description
DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was discovered to contain insecure default credentials in the modem's control panel.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-25
Last Modified
2025-08-26
Generated
2026-06-16
AI Q&A
2025-08-26
EPSS Evaluated
2026-06-15
NVD
CVE-2025-29525
EUVD
EUVD-2025-25702
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
dasantech gpon_onu_h660wm *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1392 The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves insecure default credentials in the control panel of the DASAN GPON ONU H660WM modem, specifically in OS version H660WMR210825 and hardware version DS-E5-583-A1. This means that the modem comes with default usernames and passwords that are not secure and could be easily exploited by attackers.

Impact Analysis

The insecure default credentials could allow unauthorized users to access the modem's control panel, potentially leading to unauthorized configuration changes, interception of network traffic, or other malicious activities that compromise the security and privacy of the network.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-29525. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart