CVE-2025-63409 · HIGH 8.8 · EPSS p20.8%

Description

Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allow remote authenticated users to modify administrator-only settings and extract administrator credentials.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.29% probability of exploitation · percentile 20.8% · 2026-06-19T12:03:05Z
Published: 2026-02-24
Last modified: 2026-02-26

Underlying weaknesses · 1

CWE-284

References

  1. http://gcom.com
  2. https://github.com/theShinigami/CVE-Disclosures/tree/main/CVE-2025-63409

Type     | Target                           | Confidence | Tier
Weakness | Improper Access Control (cwe-284) | 0%         | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2025-71056
  2. CVE-2026-9211
  3. CVE-2026-0410
  4. CVE-2025-3719
  5. CVE-2025-0324
  6. CVE-2025-41651

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.