216.73.217.50

CVE-2025-7072

· Published 09/01/2026 12:15 · Modified 09/01/2026 12:15

Labels: CVE-2025-7072 2026-01-09CVE-2025-7072CWE-798[email protected]

Essential information

Published
09/01/2026 12:15
Modified
09/01/2026 12:15
Author
Creator
CVSS
9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

The firmware in KAON CG3000TC and CG3000T routers contains hard-coded credentials in clear text (shared across all routers of this model) that an unauthenticated remote attacker could use to execute commands with root privileges. This vulnerability has been fixed in firmware version: 1.00.67 for CG3000TC and 1.00.27 for CG3000T.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
kaon / cg3000tc cpe:2.3:h:kaon:cg3000tc:1.00.67:*:*:*:*:*:*:*
kaon / cg3000t cpe:2.3:h:kaon:cg3000t:1.00.27:*:*:*:*:*:*:*

References