Vulnerabilities > Fiberhome
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-12 | CVE-2017-16886 | Cross-Site Request Forgery (CSRF) vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. | 8.8 |
| 2018-01-12 | CVE-2017-16885 | Incorrect Permission Assignment for Critical Resource vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating. | 9.8 |
| 2017-10-19 | CVE-2017-15647 | Path Traversal vulnerability in Fiberhome Routerfiberhome Firmware On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value. | 7.5 |
| 2017-09-07 | CVE-2017-14147 | Improper Authentication vulnerability in Fiberhome Adsl An1020-25 Firmware An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to easily restore a router to its factory settings by simply browsing to the link http://[Default-Router-IP]/restoreinfo.cgi & execute it. | 9.8 |
| 2017-01-23 | CVE-2017-5544 | Resource Exhaustion vulnerability in Fiberhome Fengine S5800 Firmware V210R240 An issue was discovered on FiberHome Fengine S5800 switches V210R240. | 5.9 |