Vulnerabilities > Fiberhome > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-10 | CVE-2021-27143 | Use of Hard-coded Credentials vulnerability in Fiberhome Hg6245D Firmware Rp2613 An issue was discovered on FiberHome HG6245D devices through RP2613. | 9.8 |
| 2021-02-10 | CVE-2021-27141 | Use of Hard-coded Credentials vulnerability in Fiberhome Hg6245D Firmware Rp2613 An issue was discovered on FiberHome HG6245D devices through RP2613. | 9.8 |
| 2018-04-04 | CVE-2018-9249 | Improper Authentication vulnerability in Fiberhome Vdsl2 Modem HG 150-Ub Firmware FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request. | 9.8 |
| 2018-04-04 | CVE-2018-9248 | Improper Authentication vulnerability in Fiberhome Vdsl2 Modem HG 150-Ub Firmware FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header. | 9.8 |
| 2018-01-12 | CVE-2017-16887 | Permission Issues vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. | 9.8 |
| 2018-01-12 | CVE-2017-16885 | Incorrect Permission Assignment for Critical Resource vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating. | 9.8 |
| 2017-09-07 | CVE-2017-14147 | Improper Authentication vulnerability in Fiberhome Adsl An1020-25 Firmware An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to easily restore a router to its factory settings by simply browsing to the link http://[Default-Router-IP]/restoreinfo.cgi & execute it. | 9.8 |