580 matches found
CVE-2022-36200
In FiberHome VDSL2 Modem HG150-UbV3.0, Credentials of Admin are submitted in URL, which can be logged/sniffed...
CVE-2021-27171
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell or tshell...
CVE-2021-27144
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded fi!b@er$h%o^mesuperadmin / sfuh+g|u credentials for an ISP...
CVE-2021-27150
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded gestiontelebucaramanga / t3l3buc4r4m4ng42013 credentials for an ISP...
CVE-2021-27145
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / lnadmin credentials for an ISP...
CVE-2021-27154
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / G0R2U1P2ag credentials for an ISP...
CVE-2021-27179
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to crash the telnet daemon by sending a certain 0a 65 6e 61 62 6c 65 0a 02 0a 1a 0a string...
CVE-2021-27162
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / tattoo@home credentials for an ISP...
CVE-2021-27172
An issue was discovered on FiberHome HG6245D devices through RP2613. A hardcoded GEPON password for root is defined inside /etc/init.d/system-config.sh...
CVE-2021-27153
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded trueadmin / admintrue credentials for an ISP...
CVE-2021-27163
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / tele1234 credentials for an ISP...
CVE-2021-42912
FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This vulnerability allows the attacker, once logged in, to send commands to the operating system as the root user via the ping diagnostic tool, bypassing the IP address field, and concatenating OS commands...
CVE-2019-17186
/var/WEB-GUI/cgi-bin/telnet.cgi on FiberHome HG2201T 1.00.M5007JS201804 devices allows pre-authentication remote code execution...
CVE-2017-15647
On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value...
CVE-2019-17187
/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007JS201804 devices allows pre-authentication Directory Traversal for reading arbitrary files...
VulnCheck KEV: CVE-2021-27162
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / tattoo@home credentials for an ISP...
CVE-2025-1613
A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. It has been rated as problematic. This issue affects some unknown processing of the file /goform/URLfilterCfg of the component URL Filtering Submenu. The manipulation of the argument urlIP leads to cross site scripting. The attack...
CVE-2025-1616
A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this issue is some unknown functionality of the component Diagnosis. The manipulation of the argument Destination Address leads to os command injection. The attack may be launche...
CVE-2025-1616
A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this issue is some unknown functionality of the component Diagnosis. The manipulation of the argument Destination Address leads to os command injection. The attack may be launche...
CVE-2025-1616
A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this issue is some unknown functionality of the component Diagnosis. The manipulation of the argument Destination Address leads to os command injection. The attack may be launche...