CVE-2025-7635

HIGH EPSS 19.1%
Published Sep 9, 20259mo ago · Modified Jun 17, 20262w ago
8.7 CVSS 4.0
High
Find Similar
Published Sep 9, 2025 9mo ago
Last Modified Jun 17, 2026 2w ago

Description

Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT allows root access.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE.

CVSS Details

Base Score
8.7
Exploitability
Impact
Vector string
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Adjacent
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
19.1% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-306 Missing Authentication for Critical Function Authentication

Affected Products 5

VendorProductVersionRange
calixcalix_gigacenter_ont*any
calixcalix_gigacenter_ont844eany
calixcalix_gigacenter_ont844gany
calixcalix_gigacenter_ont844geany
calixcalix_gigacenter_ont854geany

References 3

  • fluidattacks.com https://fluidattacks.com/advisories/sal
    ExploitMitigationThird Party Advisory
  • revers3everything.com https://revers3everything.com/calix-case-five-0-days-five-cves/
    Third Party Advisory
  • calix.com https://www.calix.com
    Product

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.