Skip to main content

GX Earth ONT EUVDEUVD-2026-34250

| CVE-2026-45432 HIGH
Cleartext Transmission of Sensitive Information (CWE-319)
2026-06-04 vdisclose@cert-in.org.in GHSA-4jr5-8v5x-7499
8.7
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 04, 2026 - 12:33 vuln.today

DescriptionCVE.org

This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead to unauthorized access to the targeted device.

AnalysisAI

Credential disclosure in GX Earth ONT (Optical Network Terminal) devices allows remote attackers positioned on the network path to capture administrative authentication material by sniffing the unencrypted HTTP web management interface. The flaw scores CVSS 4.0 8.7 (High) with CWE-319 (Cleartext Transmission of Sensitive Information), and no public exploit identified at time of analysis, though interception techniques are well-understood and trivial to execute on shared media.

Technical ContextAI

GX Earth ONT devices are customer-premises optical network terminals that terminate GPON/EPON fiber links and expose a web-based management UI for configuration. The vulnerability is rooted in CWE-319 (Cleartext Transmission of Sensitive Information): the device serves its administrative interface over HTTP rather than HTTPS, so login credentials traverse the network without TLS encryption. Because ONTs typically share Layer-2 segments with internal LAN devices and may be reachable from the ISP-side management VLAN, any attacker with access to traffic on those paths can passively recover usernames and passwords from HTTP form submissions or Basic Auth headers.

RemediationAI

No vendor-released patch identified at time of analysis based on the provided data - administrators should monitor the CERT-In advisory at https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0288 and the GX Earth vendor channel for firmware updates that enable HTTPS for the management UI. Compensating controls include restricting the management interface to a dedicated management VLAN or specific source IPs via ACLs (trade-off: complicates legitimate remote admin), disabling remote/WAN-side management entirely and requiring on-device or LAN-only administration (trade-off: loses convenience for ISP technicians), changing default credentials and rotating them after any suspected exposure, and segmenting the ONT off the user LAN where feasible so passive sniffers on user devices cannot observe management traffic. Where the device supports it, force HTTPS-only and disable HTTP listener; if no such toggle exists, treat the credentials as ephemeral and assume disclosure on any untrusted network.

Share

EUVD-2026-34250 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy