Vulnerabilities > Fiberhome
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-10 | CVE-2021-27141 | Use of Hard-coded Credentials vulnerability in Fiberhome Hg6245D Firmware An issue was discovered on FiberHome HG6245D devices through RP2613. | 5.0 |
| 2021-02-10 | CVE-2021-27140 | Cleartext Storage of Sensitive Information vulnerability in Fiberhome Hg6245D Firmware An issue was discovered on FiberHome HG6245D devices through RP2613. | 5.0 |
| 2021-02-10 | CVE-2021-27139 | Unspecified vulnerability in Fiberhome Hg6245D Firmware An issue was discovered on FiberHome HG6245D devices through RP2613. | 5.0 |
| 2019-10-08 | CVE-2019-17186 | Improper Input Validation vulnerability in Fiberhome Hg2201T Firmware Hg2201T1.00.M5007Js201804 /var/WEB-GUI/cgi-bin/telnet.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication remote code execution. | 9.0 |
| 2019-10-08 | CVE-2019-17187 | Path Traversal vulnerability in Fiberhome Hg2201T Firmware 1.00.M5007Js201804 /var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. | 5.0 |
| 2018-04-04 | CVE-2018-9249 | Improper Authentication vulnerability in Fiberhome Vdsl2 Modem HG 150-Ub Firmware FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request. | 7.5 |
| 2018-04-04 | CVE-2018-9248 | Improper Authentication vulnerability in Fiberhome Vdsl2 Modem HG 150-Ub Firmware FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header. | 7.5 |
| 2018-01-12 | CVE-2017-16887 | Permission Issues vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. | 5.0 |
| 2018-01-12 | CVE-2017-16886 | Cross-Site Request Forgery (CSRF) vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. | 6.8 |
| 2018-01-12 | CVE-2017-16885 | Incorrect Permission Assignment for Critical Resource vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating. | 5.0 |