Getting previous router password when cracking

[ZerBea]

The nature of hcxdumptool is to retrieve all(!) passwords stored in the wpa-supplicant conf of a CLIENT. That include old passwords, the actual password and passwords of other NETWORKs the CLIENT was connected to.
To identify the actual password I recommend to use hcxhashtool (--info=stdout) or to take a look at the message pair field at the end of the hash line as described here:
https://hashcat.net/wiki/doku.php?id=cracking_wpawpa2

Code:

bitmask of message pair field:
2,1,0:
000 = M1+M2, EAPOL from M2 (challenge)
001 = M1+M4, EAPOL from M4 (authorized) - usable if NONCE_CLIENT is not zeroed
010 = M2+M3, EAPOL from M2 (authorized)
011 = M2+M3, EAPOL from M3 (authorized) - unused
100 = M3+M4, EAPOL from M3 (authorized) - unused
101 = M3+M4, EAPOL from M4 (authorized) - usable if NONCE_CLIENT is not zeroed
3: reserved
4: ap-less attack (set to 1) - nonce-error-corrections not required
5: LE router detected (set to 1) - nonce-error-corrections required only on LE
6: BE router detected (set to 1) - nonce-error-corrections required only on BE
7: not replaycount checked (set to 1) - replaycount not checked, nonce-error-corrections mandatory

challenge = valid handshake that does not necessarily have to be part of the target ACCESS POINT
authorized = valid handshake that allow access to the target ACCESS POINT

BTW:
Goal of hcxdumptool/hcxtools is hunting for weak CLIENTs. If one of your CLIENTs respond to an old password this CLIENT is weak!
Check wpa-supplicant config of that CLIENT and remove this entry.