CVE-2026-45433

Description

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and Man-in-the-Middle (MITM) attacks on the targeted device.

References

• https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2026-0288