Unauthenticated Telnet Access in Calix GigaCenter ONT Products
CVE-2025-7635

8.7HIGH

Key Information:

Vendor: Calix
Status: Gigacenter Ont
Vendor: CVE Published:; 9 September 2025

What is CVE-2025-7635?

The Telnet access vulnerability in Calix GigaCenter ONT devices allows unauthorized users to gain root access without authentication. This poses a serious security risk, potentially enabling attackers to manipulate device settings and compromise network integrity. Affected models include GigaCenter ONT 844E, 844G, 844GE, and 854GE, emphasizing the need for immediate attention and mitigation from users of these products.

Affected Version(s)

GigaCenter ONT 844E

GigaCenter ONT 844G

GigaCenter ONT 844GE

References

https://fluidattacks.com/advisories/sal

third-party-advisory

https://www.calix.com

productrelated

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 9, 2025
Vulnerability Reserved
Jul 14, 2025