CVE-2025-3461

Name of the Vulnerable Software and Affected Versions Quantenna Wi-Fi chipset versions through 8.0.0.28

Description The issue concerns an unauthenticated telnet interface that ships by default with the Quantenna Wi-Fi chips, classified as CWE-306, "Missing Authentication for Critical Function." The vendor has released a best practices guide for implementors of this chipset, but the issue remains unpatched at the time of initial reporting.

Recommendations For versions through 8.0.0.28, consider disabling the telnet interface as a temporary workaround until a patch is available. Restrict access to the telnet interface to minimize the risk of exploitation. Follow the vendor's best practices guide for implementors of the Quantenna Wi-Fi chipset to reduce the risk associated with this issue.