Fiberhome exploit. Vulnerability exists in web interface of FIBERHOME AN5506-04-F router. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events. The exploit has been disclosed to the public and may be used. This router has vulnerabilities where you can get information or edit configurations in an unauthenticated way. fiberhome. Apr 8, 2011 · FiberHome HG-110 - Cross-Site Scripting / Directory Traversal. Written by Catalin Cimpanu, Contributor Explore the latest vulnerabilities and security issues of Fiberhome in the CVE database Track the latest Fiberhome vulnerabilities and their associated exploits, patches, CVSS and EPSS scores, proof of concept, links to malware, threat actors, and MITRE ATT&CK TTP information Jan 13, 2021 · The FiberHome HG6245D routers are GPON FTTH routers. In particular, it has been providing end-to-end solutions integrated with opto-electronic devices, opticpreforms Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more. Description A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. Oct 13, 2017 · ## Vulnerability Summary The following advisory describes a directory traversal vulnerability found in FiberHome routers. com/whirleyes/c664c33ff0e0461692c1446f2a97abb9 and backdoor factory access mode in dropbear Dec 18, 2023 · For those of you who are used to reading about my Apple research, this post is going to be a change of pace. CVE-2019-9556 . The biggest risk is the possibility of changing the dns of the device. I validated the vulnerabilities against HG6245D, RP2602: Config# show version show version Hardware version : WKE2 Mar 4, 2019 · Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting. webapps exploit for Hardware platform Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. It has been classified as critical. FiberHome Technologies Group “was established in 1974. Modifying systems' DNS settings allows cybercriminals to perform malicious activities like steering unknowing users to bad sites, replacing Fiberhome AN5506-04-F – Stored Cross Site Scripting Stored XSS occurs when a web application gathers input from a user which might be malicious, and then stores that input in a data store for later use. This allows an attacker to execute arbitrary script code in the browser of a user visiting the affected site, potentially leading to the theft of sensitive information and further attacks. The Feb 10, 2021 · Information Technology Laboratory National Vulnerability DatabaseVulnerabilities FiberHome Technologies is a leading equipment vendor and global solution provider the field of information technology and telecommunications. This vulnerability allows the attacker, without logged in to send commands to the operating system as the root user. webapps exploit for Hardware platform Feb 2, 2018 · FiberHome AN5506 - Remote DNS Change. The web daemon contains the hardcoded telecomadmin / nE7jA%5m credentials for an ISP. I validated the vulnerabilities against HG6245D, RP2602: Config# show version show version Hardware version : WKE2 Jan 18, 2021 · Multiple backdoors and vulnerabilities discovered in FiberHome routers At least 28 backdoor accounts found in FiberHome FTTH ONT routers. Get real-time data on the latest CVEs, risk scores, and threat levels. 烽火（FiberHome）通信京东自营旗舰店,提供烽火（FiberHome）通信京东自营旗舰店各类正品商品的报价、促销、评论、导购、图片等信息，欢迎您再次光顾烽火（FiberHome）通信京东自营旗舰店 Jul 31, 2024 · Fiberhome是光纤到家的简称，是一种利用光纤技术提供互联网接入服务的方式。 它采用高速光纤传输技术，将互联网接入直接延伸到用户家中，为用户提供更快速、更稳定的网络服务。 Connect Digital Future, Benefit Global Community FiberHome presents a visionary roadmap for digital transformation, showcasing cutting-edge solutions across three dedicated zones: Smart ODN Comprehensive Solution Expert Optical Fiber - Digital Conne 用户可通过FiberHome F1在电视上获得正版高清的电影、电视剧、教育资源和互动游戏等各种丰富的内容，还可将个人照片、视频和音乐通过FiberHome F1上提供的丰富接口投射到电视上。 Since its establishment in 1999, FiberHome has been devoted to the progress and development of global information and communications and accumulated profound understanding and creativity on information and communications. Oct 29, 2023 · Fiberhome Router SR1041F RP0105 allows pre-authentication remote code execution. (Chinese: 烽火网络有限公司; pinyin: fēnghuǒ wǎngluò yǒuxiàngōngsī) is a major networking and telecommunication equipment provider in the People's Republic of China. Learn how to secure your devices. Feb 6, 2024 · This indicates an attack attempt to exploit a Security Bypass vulnerability in FiberHome and GPON FTTH routers. You can click on the vulnerability to view more details. The attack may be initiated remotely. The manipulation of the argument url_IP leads to cross site scripting. On the first analysis, attack surface is not huge: - - only HTTP/HTTPS is listening by default on the LAN - - It is also possible to enable a CLI telnetd (not reachable by Hacking RTL960x based xPON ONU Stick to suite your Universal OLT - Anime4000/RTL960x Feb 10, 2021 · An issue was discovered on FiberHome HG6245D devices through RP2613. An attacker can exploit this vulnerability to restore the router to its factory settings which could allow the attacker to login by using default username/password. It is possible to bypass authentication by sending the decoded value of the GgpoZWxwCmxpc3QKd2hvCg== string to the telnet server. May 24, 2022 · An issue was discovered on FiberHome HG6245D devices through RP2613. ByteOS Network helps you detect, analyze, and act on emerging vulnerabilities. Background Last year I spent some time back in my home … vendor: an5506-04-f by: Tauco 7,5 CVSS HIGH Command Injection 78 CWE Product Name: an5506-04-f Affected Version From: RP2609 Affected Version To: RP2609 Patch Exists: NO Related CWE: N/A CPE: hk. fiberhomegroup. - Log4jUnifi/exploit. , Ltd. Fiberhome AN5506-02-B with firmware version RP2521 suffers from a persistent cross site scripting vulnerability. remote exploit for Hardware platform Jan 25, 2024 · SR1041F is an AX3000 dual-band Wi-Fi 6 smart router for home. The calculated prices for all possible 0-day expoits are cumulated for this task. com/ # CVE : CVE-2018-9248, CVE-2018-9248 The vulnerability exists in plain text & hard coded cookie. 52 Public Exploit/PoC Code : 0 CISA Actively Exploited : 0 Last Vulnerability Seen : Oct. Feb 10, 2021 · Exploit prediction scoring system (EPSS) score for CVE-2021-27144 GitHub Gist: instantly share code, notes, and snippets. Attack vector: More severe the more the remote (logically and physically) an attacker can be in order to exploit the vulnerability. It has been rated as problematic. The vulnerability is due to an error when the vulnerable software handles a maliciously crafted HTTP request. This one is about CPE (Customer Premise Equipment) security, basically the routers your ISP gives you. This vulnerability is traded as CVE-2021-27171. May 13, 2022 · This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Multiple devices can easily form a mesh network to expanding Wi-Fi coverage. 4GHz and 5GHz dual band Wi-Fi 6, High speed and low latency, maximum speed up to 3000Mbps. The attack may be launched remotely. CVE-2017-16887CVE-2017-16886CVE-2017-16885 . SHA-256 | 6468873259d857e4b7cda7bf2ece5a2b2508ecd08b9330bef4207248417b9146 Oct 29, 2023 · Fiberhome Router SR1041F RP0105 ssh root backdoor It is possible to login ssh as root user by exploiting remote code execution vulnerability https://gist. The manipulation of the argument Destination Address leads to os command injection. Jan 18, 2021 · At least 28 backdoor accounts and several other vulnerabilities have been discovered in the firmware of a popular FTTH ONT router, widely deployed across South America and Southeast Asia. Feb 24, 2025 · A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of ddd and shell (or tshell). # Exploit Title: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass # Date: 04/03/2018 # Exploit Author: Noman Riffat # Vendor Homepage: http://www. py at main · puzzlepeaches/Log4jUnifi 烽火通信科技股份有限公司(股票代码:SH600498)主营业务立足于光通信,深入拓展至信息技术与通信技术融合而生的广泛领城,成为我国智慧城市,行业信息化,智能化应用等领域的核心企业 FiberHome Telecommunication Technologies Co. FiberHome Technologies is a leading equipment vendor and global solution provider the field of information technology and telecommunications. The input that is stored is not correctly filtered. github. We would like to show you a description here but the site won’t allow us. webapps exploit for Hardware platform Oct 3, 2017 · Fiberhome AN5506-04-F - Command Injection. Affected by this issue is some unknown functionality of the component Diagnosis. This issue affects some unknown processing of the file /goform/URL_filterCfg of the component URL Filtering Submenu. webapps exploit for Hardware platform Track the latest Fiberhome vulnerabilities and their associated exploits, patches, CVSS and EPSS scores, proof of concept, links to malware, threat actors, and MITRE ATT&CK TTP information Jan 12, 2021 · The fiberhome devices have quite a similar codebase, so it is likely all other fiberhome devices (AN5506-04-FA, AN5506-04-FAT, AN5506-04-F) are also vulnerable. Attack complexity: More severe for the Feb 11, 2021 · A vulnerability was found in FiberHome HG6245D up to RP2613. The vendor May 23, 2023 · LinuxSec Exploit adalah Website yang Berisi Tutorial Tentang Linux, Exploit, Deface, Hacking, dan Security Oct 29, 2023 · Outline · [ Standard ] · Linear+ Unifi Fiberhome SR1041F backdoor root ssh access, Don't open port 80 on WAN side Fiberhome products and CVEs, security vulnerabilities, affecting the products with detailed CVSS, EPSS score information and exploits Oct 8, 2019 · Vendor : Fiberhome Number of CVE: 2 Average Exploit Prediction Score : 0. These devices come with competitive pricing but are very powerful, with a lot of memory and storage. 2017年1月3日，烽火通信OTT机顶盒家族再添新丁FiberHome F1重磅来袭。 2017年1月，光谷智慧成功中标光谷中心城科技会展中心智能化建设项目。 Maigoo网品牌库提供烽火通信科技股份有限公司旗下烽火FiberHome品牌相关信息，包括烽火品牌介绍、成立时间、主营产品/服务及联系方式等核心信息，帮助你一站式获取品牌资料，助力品牌选择与行业了解。 News & Events News & Events ESG ESG About FiberHome About FiberHome CN Wireless Network Products & Solutions Wireless Network Products RAN BBU AAU RRU mRRU pRRU ALL IN ONE Antenna 8-Ports Antenna 12-Ports Antenna 16-Ports Antenna 20-Ports Antenna CPE Indoor CPE Outdoor CPE Solutions Operator Solutions FWA IBS Enterprise Solutions Smart Grid 烽火通信科技股份有限公司(股票代码:SH600498)主营业务立足于光通信,深入拓展至信息技术与通信技术融合而生的广泛领城,成为我国智慧城市,行业信息化,智能化应用等领域的核心企业 FiberHome Telecommunication Technologies Co. Description This indicates an attack attempt to exploit an improper authentication vulnerability in FiberHome Routers. FiberHome Deals in fiber-optic communications, data networking communications, wireless communication, and intelligentizing applications. 2. 2017年1月3日，烽火通信OTT机顶盒家族再添新丁FiberHome F1重磅来袭。 2017年1月，光谷智慧成功中标光谷中心城科技会展中心智能化建设项目。 Maigoo网品牌库提供烽火通信科技股份有限公司旗下烽火FiberHome品牌相关信息，包括烽火品牌介绍、成立时间、主营产品/服务及联系方式等核心信息，帮助你一站式获取品牌资料，助力品牌选择与行业了解。 News & Events News & Events ESG ESG About FiberHome About FiberHome CN Wireless Network Products & Solutions Wireless Network Products RAN BBU AAU RRU mRRU pRRU ALL IN ONE Antenna 8-Ports Antenna 12-Ports Antenna 16-Ports Antenna 20-Ports Antenna CPE Indoor CPE Outdoor CPE Solutions Operator Solutions FWA IBS Enterprise Solutions Smart Grid . . 08, 2019 Vulnerabilities The following vulnerabilities are recorded HG2201T product. After continuous and intensive development for over 40 years, its business has been extended to R&D, manufacturing, marketing & sales, engineering service, in 4 major areas: fiber-optic communications, data networking Jan 12, 2021 · The FiberHome HG6245D routers are GPON FTTH routers. com Metasploit: N/A Other Scripts: N/A Tags: N/A CVSS Metrics: N/A Nuclei References: N/A Nuclei Metadata: N/A Platforms Tested: Windows 10 2017 Oct 8, 2019 · Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2019-17186 weaknesses. High performance fully upgrades smart home broadband experience. Discover the impact and mitigation of CVE-2021-27149, a vulnerability in FiberHome HG6245D devices through RP2613 web daemon with hardcoded credentials. Feb 10, 2021 · An issue was discovered on FiberHome HG6245D devices through RP2613. As a consequence, the malicious data will appear to be part of the web site and run within the user’s browser under the privileges of the The Fiberhome HG-110 router is vulnerable to a cross-site scripting (XSS) and directory traversal vulnerability. They are mainly used in South America and in Southeast Asia (from Shodan). Jan 8, 2018 · FiberHome LM53Q1 - Multiple Vulnerabilities. rgezyav web rxteys bcwqva mjoh ntcvf yblqkx rfdby rdg pkrzvp