CVE-2025-43986
BaseFortify
Publication date: 2025-08-13
Last updated on: 2025-08-14
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kuwfi | gc111 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the KuWFi GC111 router where the TELNET service is enabled by default and exposed over the WAN interface without requiring any authentication. This means that anyone who can access the WAN interface can connect to the router via TELNET without credentials, potentially gaining unauthorized access to the device.
How can this vulnerability impact me?
Because the TELNET service is exposed without authentication, an attacker could remotely access the router's management interface. This could allow them to change configurations, intercept network traffic, or use the device as a foothold to launch further attacks on the network, leading to potential data breaches or network disruptions.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by scanning your network for KuWFi GC111 routers that have the TELNET service enabled and exposed on the WAN interface without authentication. You can use a network scanning tool such as nmap to identify devices with open TELNET ports, using the command: nmap -p 23 --open <target-ip-range>. Additionally, attempting to connect to the TELNET port (port 23) on the WAN interface of a suspected device can confirm whether authentication is required. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling the TELNET service on the KuWFi GC111 devices if possible, or restricting access to the TELNET port on the WAN interface using firewall rules to block external access. If disabling TELNET is not feasible, ensure that the device firmware is updated to a version that addresses this vulnerability or consider replacing the device with a more secure alternative. Additionally, monitor network traffic for unauthorized TELNET connections and restrict WAN access to trusted IP addresses only. [1]
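The monitoring step above can be automated. The following is an added example, not part of the advisory or any vendor tooling: it reads firewall log lines and counts WAN-side connection attempts to TCP port 23 from sources outside a trusted allowlist. The netfilter LOG line format, the interface name eth0, the trusted ranges and the sample log lines are all assumptions made for illustration.

```python
import ipaddress
import re
from collections import Counter

# Assumptions (not from the advisory): an upstream firewall logs inbound packets
# in netfilter LOG key=value format, and eth0 is its WAN-facing interface.
WAN_IFACE = "eth0"
TELNET_PORT = "23"
# Assumption: the only ranges allowed to manage the router (documentation prefixes).
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("192.0.2.0/28", "2001:db8:10::/64")]
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")

def is_trusted(addr):
    """True if addr falls inside one of the allowlisted management ranges."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on a malformed address
    return any(ip in net for net in TRUSTED_NETS)

def untrusted_telnet(lines):
    """Count WAN-side TCP SYNs to port 23, per source address not on the allowlist."""
    hits = Counter()
    for line in lines:
        f = dict(FIELD_RE.findall(line))
        if f.get("IN") != WAN_IFACE or f.get("PROTO") != "TCP":
            continue
        if f.get("DPT") != TELNET_PORT or not re.search(r"\bSYN\b", line):
            continue
        try:
            if not is_trusted(f["SRC"]):
                hits[f["SRC"]] += 1
        except (KeyError, ValueError):
            continue  # truncated or malformed line: skip it instead of crashing
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
TPL = "kernel: TELNET-IN: IN={i} OUT=eth1 SRC={s} DST=198.51.100.20 PROTO=TCP SPT=40112 DPT={d} SYN"
SAMPLE_LOG = [
    TPL.format(i="eth0", s="203.0.113.7", d=23),     # untrusted source, TELNET
    TPL.format(i="eth0", s="192.0.2.5", d=23),       # allowlisted IPv4 source
    TPL.format(i="eth0", s="203.0.113.7", d=443),    # not TELNET
    TPL.format(i="eth0", s="203.0.113.7", d=23),     # repeat attempt
    TPL.format(i="eth1", s="10.0.0.5", d=23),        # LAN side, not WAN
    TPL.format(i="eth0", s="2001:db8:10::5", d=23),  # allowlisted IPv6 source
    TPL.format(i="eth0", s="198.51.100.99", d=23),   # second untrusted source
    "kernel: TELNET-IN: IN=eth0 OUT=eth1 PROTO=TCP DPT=23 SYN",  # truncated: no SRC
]

if __name__ == "__main__":
    for src, count in untrusted_telnet(SAMPLE_LOG).most_common():
        print(f"{src}: {count} TELNET attempt(s) from outside the allowlist")
```

Any source reported here reached port 23 from the WAN side, which means the firewall rule restricting TELNET to trusted addresses is either missing or not matching.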