CVE-2025-53755: CWE-312: Cleartext Storage of Sensitive Information in Digisol XPON ONU Wi-Fi Router (DG-GR6821AC)
This vulnerability exists in the Digisol DG-GR6821AC Router due to storage of credentials and PINs without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineering the binary data to access the unencrypted data stored in the firmware of the targeted device. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the network of the targeted device.
AI Analysis
Technical Summary
CVE-2025-53755 is a medium-severity vulnerability affecting the Digisol XPON ONU Wi-Fi Router model DG-GR6821AC, specifically firmware version V3.2.XX. The core issue is the cleartext storage of sensitive information, including credentials and PINs, within the device firmware. This vulnerability is categorized under CWE-312, which relates to the insecure storage of sensitive data. An attacker with physical access to the device can extract the firmware and reverse engineer the binary data to retrieve unencrypted credentials. Since the credentials are stored without encryption, this significantly lowers the barrier for an attacker to gain unauthorized access to the network managed by the router.
The CVSS 4.0 vector indicates that the attack requires physical access (AV:P), has low attack complexity (AC:L), does not require authentication (PR:N), and no user interaction (UI:N). The vulnerability impacts confidentiality severely (VC:H) but does not affect integrity or availability. No known exploits are currently reported in the wild, and no patches have been published yet.
The vulnerability is particularly concerning because physical access to network devices is often possible in environments such as offices, data centers, or multi-tenant buildings, making it a realistic threat vector for attackers with insider access or physical proximity. The lack of encryption for stored credentials is a fundamental security design flaw in the affected firmware version, exposing networks to potential unauthorized access and subsequent lateral movement or data exfiltration.
Potential Impact
For European organizations, this vulnerability poses a significant risk especially in sectors where physical security of network infrastructure may be less stringent, such as small to medium enterprises, educational institutions, or shared office spaces. Unauthorized access to the network via compromised router credentials can lead to interception of sensitive communications, unauthorized network configuration changes, and potential pivoting to other internal systems. Given the router’s role as a network gateway, exploitation could undermine confidentiality of internal data flows and potentially disrupt business operations if attackers leverage access for further attacks. The medium CVSS score reflects that while remote exploitation is not possible, the impact of a successful attack is substantial. Organizations in Europe with deployments of Digisol XPON ONU Wi-Fi Routers, particularly in environments where physical access controls are weak, should be vigilant. The vulnerability also raises compliance concerns under regulations such as GDPR, as unauthorized network access could lead to personal data breaches. Furthermore, the absence of patches means organizations must rely on compensating controls until a firmware update is available.
Mitigation Recommendations
1. Enforce strict physical security controls around network infrastructure to prevent unauthorized physical access to routers.
2. Inventory all Digisol DG-GR6821AC devices and verify firmware versions; avoid deploying or replace devices running vulnerable firmware V3.2.XX where possible.
3. Monitor network access logs for unusual activity that could indicate unauthorized access.
4. Segment networks to limit the impact of compromised devices, ensuring that critical systems are isolated from general user networks.
5. If physical access is suspected or confirmed, consider device replacement or re-flashing with updated firmware once available.
6. Engage with Digisol support channels to obtain information on forthcoming patches or firmware updates addressing this vulnerability.
7. Implement network-level authentication and encryption (e.g., WPA3, VPNs) to reduce the risk of unauthorized access even if router credentials are compromised.
8. Educate staff about the risks of physical device tampering and encourage reporting of suspicious activities around network hardware.
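One way to carry out the inventory step together with the physical-security step, as an added example that is not part of the original advisory or any Digisol tooling: it triages an asset list for DG-GR6821AC units on firmware V3.2.XX and ranks them by physical exposure. The CSV column names, the sample rows and the reading of "XX" as any 3.2 build are assumptions of this example.

```python
import csv
import io
import re

AFFECTED_MODEL = "DG-GR6821AC"
# The advisory gives the affected firmware as "V3.2.XX"; treating XX as any
# build suffix of the 3.2 line is an assumption of this example.
AFFECTED_FW = re.compile(r"^V?3\.2(\.|$)", re.IGNORECASE)

# Constructed sample inventory; the column names are hypothetical.
SAMPLE_INVENTORY = """\
hostname,model,firmware,location,locked_enclosure
onu-lobby,DG-GR6821AC,V3.2.07,Reception desk,no
onu-rack1,dg-gr6821ac ,v3.2.11,Comms room,yes
onu-lab,DG-GR6821AC,V3.3.01,Lab,no
onu-annex,DG-GR6821AC,,Annex corridor,no
sw-core,OTHER-SWITCH,V3.2.07,Comms room,yes
"""

def triage(inventory_csv):
    """Return (hostname, status) for every DG-GR6821AC row in the inventory.

    affected-exposed : affected firmware, no locked enclosure (act first)
    affected-secured : affected firmware, physically protected
    verify-firmware  : version not recorded, must be checked on the device
    not-listed       : firmware outside the range named in the advisory
    """
    results = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        # Normalise case and stray whitespace before comparing model names.
        if row["model"].strip().upper() != AFFECTED_MODEL:
            continue
        fw = row["firmware"].strip()
        locked = row["locked_enclosure"].strip().lower() == "yes"
        if not fw:
            status = "verify-firmware"
        elif not AFFECTED_FW.match(fw):
            status = "not-listed"
        elif locked:
            status = "affected-secured"
        else:
            status = "affected-exposed"
        results.append((row["hostname"], status))
    return results

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY):
        print(f"{host:10} {status}")
```

Rows with a blank firmware field are reported separately rather than assumed safe, since an unverified unit may still be on V3.2.XX.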
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: CERT-In
- Date Reserved: 2025-07-09T11:17:31.820Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 68778d7fa83201eaacda0607
Added to database: 7/16/2025, 11:31:11 AM
Last enriched: 7/16/2025, 11:46:44 AM
Last updated: 7/16/2025, 11:46:44 AM