Vulnerabilities > Fiberhome > Vdsl2 Modem HG 150 UB

DATE CVE VULNERABILITY TITLE RISK
2018-04-04 CVE-2018-9249 Improper Authentication vulnerability in Fiberhome Vdsl2 Modem HG 150-Ub Firmware
FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request.
network
low complexity
fiberhome CWE-287
7.5
2018-04-04 CVE-2018-9248 Improper Authentication vulnerability in Fiberhome Vdsl2 Modem HG 150-Ub Firmware
FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header.
network
low complexity
fiberhome CWE-287
7.5