10 matches found
CVE-2021-4464
FiberHome AN5506-04-FA firmware versions up to and including RP2631 and HG6245D prior to RP2602 contain a stack-based buffer overflow, as the HTTP service 'webs' fails to enforce maximum lengths for Cookie header values. When a cookie longer than 511 bytes is processed, a stack buffer is overrun,...
CVE-2021-4464 FIberHome AN5506-04-FA / HG6245D Routers Remote Stack Overflow
FiberHome AN5506-04-FA firmware versions up to and including RP2631 and HG6245D prior to RP2602 contain a stack-based buffer overflow, as the HTTP service 'webs' fails to enforce maximum lengths for Cookie header values. When a cookie longer than 511 bytes is processed, a stack buffer is overrun,...
CVE-2021-4464 FIberHome AN5506-04-FA / HG6245D Routers Remote Stack Overflow
FiberHome AN5506-04-FA firmware versions up to and including RP2631 and HG6245D prior to RP2602 contain a stack-based buffer overflow, as the HTTP service 'webs' fails to enforce maximum lengths for Cookie header values. When a cookie longer than 511 bytes is processed, a stack buffer is overrun,...
CVE-2017-15647
On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value...
RCE vulnerability in FiberHome routers
Ltd., or FiberHome, is a listed company headquartered in Wuhan, China. FiberHome is a listed company in the telecommunications equipment manufacturing industry headquartered in Wuhan, China. A RCE vulnerability exists in FiberHome routers, which can be exploited by an attacker to execute arbitrar...
Logic Flaw Vulnerability in the Fiber FR2600 Series Routers
Fengine FR2600 series integrated service access router hereinafter referred to as FR2600 is a new generation of switched access router platform built by Fiberhome using the industry's new hardware design architecture.FR2600 has powerful processing power and scalability, rich software functions an...
Puzzling Gwmndy Botnet Focuses on Low-Volume Proxy Connections
An odd botnet has been spotted targeting Fiberhome routers, in a quest to add 200 of them per day to its botnet web. That’s a low number in the world of botnets, according to 360 Netlab researchers, which observed a previously unknown malware strain called Gwmndy after the attackers’ domain name...
Directory traversal
On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value...
CVE-2017-15647
On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value...
CVE-2017-15647
On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value...