Insufficient Entropy in PSK Generation for Sagemcom F@st 5260 Routers

Insufficient Entropy in PSK Generation for Sagemcom F@st 5260 Routers

CVE-2019-9555 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.

Learn more about our Web Application Penetration Testing UK.