This vulnerability exists in GX Earth 2022 ONT models due...
High severity
Unreviewed
Published
Jun 4, 2026
to the GitHub Advisory Database
•
Updated Jun 4, 2026
Description
Published by the National Vulnerability Database
Jun 4, 2026
Published to the GitHub Advisory Database
Jun 4, 2026
Last updated
Jun 4, 2026
This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and Man-in-the-Middle (MITM) attacks on the targeted device.
References