FiberHome GPON ONU HG6145F1 Wi-Fi Password Prediction Vulnerability
Vulnerability
A vulnerability exists in the FiberHome GPON ONU model HG6145F1, specifically in the RP4423 version. It allows the device's factory default Wi-Fi password (the WPA/WPA2 pre-shared key) to be predicted from the SSID. The router generates default passwords using a deterministic algorithm that links the SSID to the password. As a result, an attacker who can see the SSID can predict the default password without authentication or user interaction.
Impact
Exploitation of this vulnerability allows for unauthorized access to the Wi-Fi network, potentially leading to data theft and surveillance, as well as unauthorized access to devices connected to the network.
Reproduction
The vulnerability can be reproduced by observing the SSID of a FiberHome GPON ONU HG6145F1 router. The default Wi-Fi password can be predicted by applying a simple mathematical operation that involves converting parts of the SSID and the password into hexadecimal and decimal values. This relationship can be used to derive the password from the SSID.
Remediation
Users are advised to change the default SSID and password, disable Wi-Fi Protected Setup (WPS), update the router firmware, and, if possible, replace ISP-provided routers.
