Back to search
CVE-2025-54084
Published: Sep 9, 2025
Modified: Sep 12, 2025
PUBLISHED
Description
OS Command ('OS Command Injection') vulnerability in Calix GigaCenter ONT (Quantenna SoC modules) allows authenticated attackers with 'super' user credentials to execute arbitrary OS commands through improper input validation, potentially leading to full system compromise.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE.
| Vendor | Product | Versions |
|---|---|---|
Calix | GigaCenter ONT | affected 844Eaffected 844Gaffected 844GEaffected 854GE |
Weaknesses (CWE)
References
https://fluidattacks.com/advisories/bacalao
third-party-advisory
https://www.calix.com
product
related
https://revers3everything.com/calix-case-five-0-days-five-cves/
third-party-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now