PatchSiren cyber security CVE debrief
CVE-2026-45432 GX INDIA CVE debrief
CVE-2026-45432 is a HIGH severity vulnerability with a CVSS score of 8.7. The vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead to unauthorized access to the targeted device.
- Vendor
- GX INDIA
- Product
- GX Earth 2022
- CVSS
- HIGH 8.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-04
- Original CVE updated
- 2026-06-04
- Advisory published
- 2026-06-04
- Advisory updated
- 2026-06-04
Who should care
Administrators and users of GX Earth ONT models should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability is caused by the transmission of user credentials in plaintext over HTTP in the web management interface of GX Earth ONT models. This allows a remote attacker to intercept network traffic and obtain sensitive authentication information.
Defensive priority
HIGH
Recommended defensive actions
- Use HTTPS instead of HTTP for the web management interface
- Implement proper network traffic monitoring and interception measures
- Update or patch the affected GX Earth ONT models as soon as possible
Evidence notes
The CVE record and NVD detail can be found at [cve-org] and [nvd] respectively. Additional information can be found at [ref-4].
Official resources
-
CVE-2026-45432 CVE record
CVE.org
-
CVE-2026-45432 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-45432 was published on 2026-06-04T12:16:26.270Z and modified on 2026-06-04T15:26:10.707Z.