The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.
This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
|
Onsemi
Subscribe
|
Qcs-ax2-a12
Subscribe
Qcs-ax2-a12 Firmware
Subscribe
Qcs-ax2-s5
Subscribe
Qcs-ax2-s5 Firmware
Subscribe
Qcs-ax2-t12
Subscribe
Qcs-ax2-t12 Firmware
Subscribe
Qcs-ax2-t8
Subscribe
Qcs-ax2-t8 Firmware
Subscribe
Qcs-ax3-a12
Subscribe
Qcs-ax3-a12 Firmware
Subscribe
Qcs-ax3-s5
Subscribe
Qcs-ax3-s5 Firmware
Subscribe
Qcs-ax3-t12
Subscribe
Qcs-ax3-t12 Firmware
Subscribe
Qcs-ax3-t8
Subscribe
Qcs-ax3-t8 Firmware
Subscribe
Qd840
Subscribe
Qd840 Firmware
Subscribe
Qhs710
Subscribe
Qhs710 Firmware
Subscribe
Qsr10ga
Subscribe
Qsr10ga Firmware
Subscribe
Qsr10gu
Subscribe
Qsr10gu Firmware
Subscribe
Qv840
Subscribe
Qv840 Firmware
Subscribe
Qv840c
Subscribe
Qv840c Firmware
Subscribe
Qv860
Subscribe
Qv860 Firmware
Subscribe
Qv940
Subscribe
Qv940 Firmware
Subscribe
Qv942c
Subscribe
Qv942c Firmware
Subscribe
Qv952c
Subscribe
Qv952c Firmware
Subscribe
|
Configuration 1 [-]
| AND |
|
Configuration 2 [-]
| AND |
|
Configuration 3 [-]
| AND |
|
Configuration 4 [-]
| AND |
|
Configuration 5 [-]
| AND |
|
Configuration 6 [-]
| AND |
|
Configuration 7 [-]
| AND |
|
Configuration 8 [-]
| AND |
|
Configuration 9 [-]
| AND |
|
Configuration 10 [-]
| AND |
|
Configuration 11 [-]
| AND |
|
Configuration 12 [-]
| AND |
|
Configuration 13 [-]
| AND |
|
Configuration 14 [-]
| AND |
|
Configuration 15 [-]
| AND |
|
Configuration 16 [-]
| AND |
|
Configuration 17 [-]
| AND |
|
Configuration 18 [-]
| AND |
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-17410 | The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 13 Jan 2026 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Onsemi
Onsemi qcs-ax2-a12 Onsemi qcs-ax2-a12 Firmware Onsemi qcs-ax2-s5 Onsemi qcs-ax2-s5 Firmware Onsemi qcs-ax2-t12 Onsemi qcs-ax2-t12 Firmware Onsemi qcs-ax2-t8 Onsemi qcs-ax2-t8 Firmware Onsemi qcs-ax3-a12 Onsemi qcs-ax3-a12 Firmware Onsemi qcs-ax3-s5 Onsemi qcs-ax3-s5 Firmware Onsemi qcs-ax3-t12 Onsemi qcs-ax3-t12 Firmware Onsemi qcs-ax3-t8 Onsemi qcs-ax3-t8 Firmware Onsemi qd840 Onsemi qd840 Firmware Onsemi qhs710 Onsemi qhs710 Firmware Onsemi qsr10ga Onsemi qsr10ga Firmware Onsemi qsr10gu Onsemi qsr10gu Firmware Onsemi qv840 Onsemi qv840 Firmware Onsemi qv840c Onsemi qv840c Firmware Onsemi qv860 Onsemi qv860 Firmware Onsemi qv940 Onsemi qv940 Firmware Onsemi qv942c Onsemi qv942c Firmware Onsemi qv952c Onsemi qv952c Firmware |
|
| CPEs | cpe:2.3:h:onsemi:qcs-ax2-a12:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qcs-ax2-s5:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qcs-ax2-t12:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qcs-ax2-t8:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qcs-ax3-a12:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qcs-ax3-s5:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qcs-ax3-t12:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qcs-ax3-t8:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qd840:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qhs710:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qsr10ga:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qsr10gu:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qv840:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qv840c:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qv860:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qv940:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qv942c:-:*:*:*:*:*:*:* cpe:2.3:h:onsemi:qv952c:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qcs-ax2-a12_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qcs-ax2-s5_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qcs-ax2-t12_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qcs-ax2-t8_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qcs-ax3-a12_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qcs-ax3-s5_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qcs-ax3-t12_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qcs-ax3-t8_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qd840_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qhs710_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qsr10ga_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qsr10gu_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qv840_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qv840c_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qv860_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qv940_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qv942c_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:onsemi:qv952c_firmware:-:*:*:*:*:*:*:* |
|
| Vendors & Products |
Onsemi
Onsemi qcs-ax2-a12 Onsemi qcs-ax2-a12 Firmware Onsemi qcs-ax2-s5 Onsemi qcs-ax2-s5 Firmware Onsemi qcs-ax2-t12 Onsemi qcs-ax2-t12 Firmware Onsemi qcs-ax2-t8 Onsemi qcs-ax2-t8 Firmware Onsemi qcs-ax3-a12 Onsemi qcs-ax3-a12 Firmware Onsemi qcs-ax3-s5 Onsemi qcs-ax3-s5 Firmware Onsemi qcs-ax3-t12 Onsemi qcs-ax3-t12 Firmware Onsemi qcs-ax3-t8 Onsemi qcs-ax3-t8 Firmware Onsemi qd840 Onsemi qd840 Firmware Onsemi qhs710 Onsemi qhs710 Firmware Onsemi qsr10ga Onsemi qsr10ga Firmware Onsemi qsr10gu Onsemi qsr10gu Firmware Onsemi qv840 Onsemi qv840 Firmware Onsemi qv840c Onsemi qv840c Firmware Onsemi qv860 Onsemi qv860 Firmware Onsemi qv940 Onsemi qv940 Firmware Onsemi qv942c Onsemi qv942c Firmware Onsemi qv952c Onsemi qv952c Firmware |
Mon, 09 Jun 2025 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 ( CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) . This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset. | The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset. |
Mon, 09 Jun 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 08 Jun 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 ( CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) . This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset. | |
| Title | ON Semiconductor Quantenna Telnet Missing Authentication | |
| Weaknesses | CWE-306 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: AHA
Published:
Updated: 2025-06-09T18:37:14.718Z
Reserved: 2025-04-08T23:41:09.376Z
Link: CVE-2025-3461
Vulnrichment
Updated: 2025-06-09T15:02:21.516Z
NVD
Status : Analyzed
Published: 2025-06-08T21:15:33.030
Modified: 2026-01-13T20:01:27.457
Link: CVE-2025-3461
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses