Vulnerabilities > Fiberhome > An5506 02 B Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-09-15 CVE-2022-38814 Cross-site Scripting vulnerability in Fiberhome An5506-02-B Firmware Rp2521
A stored cross-site scripting (XSS) vulnerability in the auth_settings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfg_loid text field.
network
low complexity
fiberhome CWE-79
5.4
5.4
2021-12-16 CVE-2021-42912 OS Command Injection vulnerability in Fiberhome products
FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability.
network
low complexity
fiberhome CWE-78
8.8
8.8