CVE-2025-67114

Published: Mar 19, 2026

Modified: Mar 24, 2026

PUBLISHED

Description

Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass and full device access.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://neroteam.com/blog/freedomfi-sercomm-sce4255w-englewood

https://fcc.report/FCC-ID/P27-SCE4255W/4790935.pdf

https://freedomfi.com/index.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-67114

Description

Affected Products

References