CVE-2021-4464

The CVE-2021-4464 entry affects FiberHome AN5506-04-FA (firmware up to RP2631) and HG6245D (up to RP2602). The issue is a stack-based buffer overflow in the HTTP service (webs) caused by not enforcing cookie header length limits, triggering overflow when a cookie >511 bytes is processed, leadi...

CVE-2025-63353

A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi password WPA/WPA2 pre-shared key to be predicted from the SSID. The device generates default passwords using a deterministic algorithm that derives the router passphrase from the SSID, enabling an...

EUVD-2025-20871

Malicious code in bioql PyPI...

CVE-2025-52357

Cross-Site Scripting XSS vulnerability exists in the ping diagnostic feature of FiberHome FD602GW-DX-R410 router firmware V2.2.14, allowing an authenticated attacker to execute arbitrary JavaScript code in the context of the router s web interface. The vulnerability is triggered via user-supplied...

CVE-2025-52357

Cross-Site Scripting XSS vulnerability exists in the ping diagnostic feature of FiberHome FD602GW-DX-R410 router firmware V2.2.14, allowing an authenticated attacker to execute arbitrary JavaScript code in the context of the router s web interface. The vulnerability is triggered via user-supplied...

PT-2025-28959 · Fiberhome · Fd602Gw-Dx-R410

Name of the Vulnerable Software and Affected Versions: FiberHome FD602GW-DX-R410 router version V2.2.14 Description: A Cross-Site Scripting XSS issue exists in the ping diagnostic feature. An authenticated attacker can execute arbitrary JavaScript code within the router’s web interface. The issue...

CVE-2025-52357

Cross-Site Scripting XSS vulnerability exists in the ping diagnostic feature of FiberHome FD602GW-DX-R410 router firmware V2.2.14, allowing an authenticated attacker to execute arbitrary JavaScript code in the context of the router s web interface. The vulnerability is triggered via user-supplied...

CVE-2025-52357

Cross-Site Scripting XSS vulnerability exists in the ping diagnostic feature of FiberHome FD602GW-DX-R410 router firmware V2.2.14, allowing an authenticated attacker to execute arbitrary JavaScript code in the context of the router s web interface. The vulnerability is triggered via user-supplied...

CVE-2025-52357

FiberHome FD602GW-DX-R410 router (firmware V2.2.14) contains a reflected XSS in the ping diagnostic feature. Authenticated users can inject input in the ping form field, which is not properly sanitized, allowing arbitrary JavaScript execution in the router’s admin/web interface. Impacts include s...

FiberHome HG6544C 安全漏洞

The FiberHome HG6544C is a router from China's FiberHome that is equipped with an indicator light and an Ethernet LAN interface. A security vulnerability exists in the FiberHome HG6544C RP2743 version, which stems from a cross-site scripting vulnerability that allows an attacker to execute...

Fiberhome FiberHome ONU GPON 操作系统命令注入漏洞

Fiberhome FiberHome ONU GPON is a router from Fiberhome, China.FiberHome ONU GPON AN5506-04-F RP2617 is vulnerable to an operating system command injection vulnerability, which originates from FiberHome ONU GPON AN5506-04-F RP2617 is affected by an operating system command injection vulnerability...

Denial of Service Vulnerability in the Fiber FR2600-420 Router

Fiberhome FR2600-420 is a router from Fiberhome Communication Technology Co. A denial of service vulnerability exists in the Fiberhome FR2600-420 router, which can be exploited by attackers to cause a denial of service...

FiberHome AN5506-04-FA Trust Management Issues Vulnerability

FiberHome AN5506-04-FA is a router from China Fiberhome.Fiber is an open source web framework written in Go. A trust management issue vulnerability exists in FiberHome AN5506-04-FA, which can be exploited by an attacker to attack affected components using default passwords or hard-coded passwords...

FiberHome HG6245D Hardcoded Credential Vulnerability (CNVD-2021-11344)

The HG6245D is an FTTH ONT router from FiberHome. A hardcoded credentials vulnerability exists in the FiberHome HG6245D. The vulnerability stems from the web daemon containing hardcoded user/8888888 credentials against an ISP. No details of the vulnerability are provided at this time...

FiberHome HG6245D Hardcoded Credential Vulnerability (CNVD-2021-11338)

The HG6245D is an FTTH ONT router from FiberHome. A hard-coded credentials vulnerability exists in the FiberHome HG6245D. The vulnerability stems from the web daemon containing hardcoded trueadmin/admintrue credentials against an ISP. No details of the vulnerability are provided at this time...

Fiberhome FiberHome AN5506-04-F和Fiber 信任管理问题漏洞

FiberHome AN5506-04-FA is a router from China Fiberhome.Fiber is an open source web framework written in Go. A trust management issue vulnerability exists in FiberHome AN5506-04-FA, which can be exploited by an attacker to attack affected components using default passwords or hard-coded passwords...

FiberHome Fiberhome AN5506-04-F Cross-Site Scripting Vulnerability

FiberHome Fiberhome AN5506-04-F is a router from China FiberHome. A cross-site scripting vulnerability exists in the Fiberhome AN5506-04-F RP2669 version, which originates from the program failing to properly filter user input. A remote attacker could exploit this vulnerability to run malicious...

FiberHome Router Directory Traversal Vulnerability

FiberHome routers are a router from FiberHome, a Chinese company. A directory traversal vulnerability exists in /cgi-bin/webproc in FiberHome routers. An attacker can exploit this vulnerability to obtain files on the router...