Lucene search
K

8 matches found

CNVD
CNVD
added 2018/04/10 12:0 a.m.5 views

FiberHome VDSL2 Modem HG 150-UB Security Bypass Vulnerability (CNVD-2018-08814)

FiberHome VDSL2 Modem HG 150-UB is a modem product from China FiberHome. A security vulnerability exists in the FiberHome VDSL2 Modem HG 150-UB. An attacker can exploit the vulnerability to bypass authentication...

9.8CVSS6.9AI score0.06334EPSS
Exploits0References1
NVD
NVD
added 2018/04/04 3:29 p.m.13 views

CVE-2018-9249

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request...

9.8CVSS9.7AI score0.06334EPSS
Exploits0References1
Prion
Prion
added 2018/04/04 3:29 p.m.14 views

Authentication flaw

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request...

7.5CVSS9.5AI score0.06334EPSS
Exploits0References1
NVD
NVD
added 2018/04/04 3:29 p.m.19 views

CVE-2018-9248

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header...

9.8CVSS9.6AI score0.15255EPSS
Exploits2References2
CVE
CVE
added 2018/04/04 3:0 p.m.47 views

CVE-2018-9249

The CVE-2018-9249 issue affects FiberHome VDSL2 Modem HG 150-UB where authentication can be bypassed by the device’s response not enforcing login.html, due to the client-side JavaScript check (parent.location='login.html') being ignored on unauthenticated requests. Affected component: the modem’s...

9.8CVSS9.6AI score0.06334EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/04/04 3:0 p.m.21 views

CVE-2018-9248

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header...

9.7AI score0.15255EPSS
Exploits2References2
Cvelist
Cvelist
added 2018/04/04 3:0 p.m.22 views

CVE-2018-9249

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request...

9.8AI score0.06334EPSS
Exploits0References1
CVE
CVE
added 2018/04/04 3:0 p.m.71 views

CVE-2018-9248

CVE-2018-9248 affects FiberHome VDSL2 Modem HG 150-UB. The flaw allows authentication bypass via the HTTP cookie header “Cookie: Name=0admin” due to improper session handling and a hard-coded/plain-text cookie. Public evidence (NVD entry, CNVD-2018-08815, Exploit-DB entry) confirms the bypass can...

9.8CVSS9.6AI score0.15255EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder