Vulnerabilities > CVE-2021-27177 - Incorrect Authorization vulnerability in Fiberhome Hg6245D Firmware

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
fiberhome
CWE-863

Summary

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass authentication by sending the decoded value of the GgpoZWxwCmxpc3QKd2hvCg== string to the telnet server.

Vulnerable Configurations

Part Description Count
OS
Fiberhome
1
Hardware
Fiberhome
1

Common Weakness Enumeration (CWE)