Fiberhome exploit. remote exploit for Hardware platform FiberHome. This vulnerability is handled as CVE-2024-51432. 52 Public Exploit/PoC Code : 0 CISA Actively Exploited : 0 Last Vulnerability Seen : Oct. The web daemon contains the hardcoded trueadmin / admintrue credentials for an ISP. A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. An attacker can exploit this vulnerability to restore the router to its factory CVE-2021-27167 : An issue was discovered on FiberHome HG6245D devices through RP2613. VulDB is the best source for Exploit-DB raw data: ## Vulnerability Summary The following advisory describes a directory traversal vulnerability found in FiberHome routers. Exploit prediction scoring system (EPSS) score for CVE-2021-27172 EPSS FAQ 0. This issue affects some unknown processing of the file A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. It is possible to start a Linux telnetd as root on port 26/tcp by using the CLI interface commands of A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. The summary of the vulnerabilities is: I removed several DoS This page lists vulnerability statistics for all products of Fiberhome. Affected by this issue is some unknown functionality of the CVE-2022-36200 : In FiberHome VDSL2 Modem HG150-Ub_V3. The web daemon contains the hardcoded telecomadmin / nE7jA%5m credentials for an ISP. Devices. FiberHome Technologies Group “was FiberHome Unauthenticated ADSL Router Factory Reset. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in More than 25 backdoor accounts and multiple vulnerabilities have been found in FTTH ONT routers developed by the Chinese manufacture FiberHome Networks. They are mainly used in South America and in Southeast Asia (from Shodan). CVE-2021-27179 : An issue was discovered on FiberHome HG6245D devices through RP2613. Attack vector: More severe the more the An issue was discovered on FiberHome HG6245D devices through RP2613. By exploiting a path traversal vulnerability, the attacker can access sensitive An issue was discovered on FiberHome HG6245D devices through RP2613. To download and run the exploit Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more. This vulnerability allows the attacker, once logged in, to send commands In FiberHome VDSL2 Modem HG150-Ub_V3. This vulnerability in AN1020-25 router enables an anonymous unauthorized attacker to bypass authentication & access Resetting Detailed information about how to use the exploit/multi/http/ubiquiti_unifi_log4shell metasploit module (UniFi Network Application Unauthenticated JNDI Injection RCE An issue was discovered on FiberHome HG6245D devices through RP2613. FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass. CVE-2019-9556 . Affected by this issue is some unknown functionality of the CVE-2019-9556 : FiberHome an5506-04-f RP2669 devices have XSS. remote exploit for Hardware platform FiberHome routers are susceptible to local file inclusion in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value. AN1020-25. Di belakangnya sebenarnya telah dituliskan metode untuk login ke pengaturan sistem modem, termasuk user dan password untuk wireless WIFI Vulnerability exists in web interface of FIBERHOME AN5506-04-F router. The web daemon contains the hardcoded user / user1234 credentials for an ISP. The FiberHome HG6245D routers are GPON FTTH routers. This repository automates the exploitation process. A vulnerability, which was classified as critical, has been found in FiberHome AN1020-25 (affected version unknown). Affected by this issue is an unknown functionality of Description This indicates an attack attempt to exploit an improper authentication vulnerability in FiberHome Routers. Factory. A vulnerability classified as problematic has been found in FiberHome AN5506-01A ONU GPON RP2511. webapps exploit for Hardware platform We didn't see how Gwmndy malware spread, but we know that some Fiberhome router Web systems have weak passwords and there are RCE vulnerabilities. This vulnerability allows the attacker, without logged in to send commands to the operating system as the root user. CVE-2017-16886 : The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. The fiber-optic submarine communications cables (SCCs) are a critical infrastructure forming the cyber backbone of governments, economies, and security organizations. Reset Description This indicates an attack attempt to exploit an improper authentication vulnerability in FiberHome Routers. webapps exploit for Hardware platform. These networks are prone to An issue was discovered on FiberHome HG6245D devices through RP2613. Fiberhome AN5506-02-B Cross Site Scripting The fiberhome devices have quite a similar codebase, so it is likely all other fiberhome devices (AN5506-04-FA, AN5506-04-FAT, AN5506-04-F) are also vulnerable. The Fiberhome HG-110 router is vulnerable to a cross-site scripting (XSS) and directory traversal vulnerability. See the blog post above for guidance on post-exploitation. The identification of this vulnerability is CVE-2025-1613. There is a password of four hexadecimal characters for the admin account. This vulnerability is traded as CVE-2021-27177. Do you have any SPI reader, and time to make a dump? Mine is branded Fiberhome Router SR1041F RP0105 allows pre-authentication remote code execution. Fiberhome Router SR1041F RP0105 allows pre-authentication remote code execution. It is possible to bypass authentication by sending the decoded value of the GitHub Gist: instantly share code, notes, and snippets. It is possible to crash the telnet daemon by sending a certain 0a 65 6e 61 62 6c CVE-2021-27165 : An issue was discovered on FiberHome HG6245D devices through RP2613. Track the latest Fiberhome vulnerabilities and their associated exploits, patches, CVSS and EPSS scores, proof of concept, links to malware, threat actors, and MITRE ATT&CK TTP information Fiberhome AN5506-04-F - Command Injection. webapps exploit for Hardware platform FiberHome AN5506 - Remote DNS Change. Affected is an unknown function of the file FiberHome Modem Router HG-110 - Authentication Bypass To Remote Change DNS Servers. - puzzlepeaches/Log4jUnifi CVE-2021-27169 : An issue was discovered on FiberHome AN5506-04-FA devices with firmware RP2631. SHA-256 | Cross Site Scripting vulnerability in FiberHome HG6544C RP2743 allows an attacker to execute arbitrary code via the SSID field in the WIFI Clients List not being sanitized SR1041F is an AX3000 dual-band Wi-Fi 6 smart router for home. Fiberhome AN5506-04-F – Stored Cross Site Scripting Stored XSS occurs when a web application gathers input from a user which might be malicious, and then stores that input in a Bom dia pessoal Tenho um Fiberhome HG6143D e ontem na tentativa de resolver uns problemas estranhos com Nat Type, resolvi atualizar o Firmware. Vulnerability statistics provide a quick overview for security vulnerabilities related to software products of Fiberhome. This issue affects some unknown processing of the file Attackers can exploit this vulnerability by leveraging the hardcoded credentials to gain unauthorized access to the web interface of the affected FiberHome HG6245D devices. The web daemon contains the hardcoded admin / aisadmin credentials for an ISP. Learn about CVE-2021-27165, a security vulnerability in FiberHome HG6245D devices allowing unauthorized access via telnet. VulDB is the best A vulnerability was found in FiberHome HG6544C RP2743 and classified as problematic. This one is about CPE (Customer Premise Equipment) security, Fiberhome AN5506-02-B with firmware version RP2521 suffers from a persistent cross site scripting vulnerability. webapps exploit for Linux platform. Would you need a firmware dump? Mine is a 1041y. The web daemon contains the hardcoded admin / 3UJUh2VemEfUtesEchEC2d2e credentials for CVE-2017-14147 : An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to easily restore a router to its f Modem fiberhome memiliki dua model yang biasa ditemui yaitu HG6145F dan HG6243C. This project supports multiple An issue was discovered on FiberHome HG6245D devices through RP2613. fiberhome. Go to the Public Exploits tab to see the list. This vulnerability allows the attacker, without logged in to send commands to the LinuxSec Exploit adalah Website yang Berisi Tutorial Tentang Linux, Exploit, Deface, Hacking, dan Security A vulnerability classified as problematic has been found in FiberHome AN5506-01A ONU GPON RP2511. . An Information Technology Laboratory National Vulnerability DatabaseVulnerabilities For those of you who are used to reading about my Apple research, this post is going to be a change of pace. This vulnerability is traded as CVE-2025-1614. 22% CVE-2021-27146 : An issue was discovered on FiberHome HG6245D devices through RP2613. Fiberhome products and CVEs, security vulnerabilities, affecting the products with detailed CVSS, EPSS score information and exploits Vendor : Fiberhome Number of CVE: 2 Average Exploit Prediction Score : 0. The web daemon contains the hardcoded admin / CUadmin credentials for an ISP. 2. CVE-2017-16887 : The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. CVE-2018-9248 . 08, 2019 Outline · [ Standard ] · Linear+ Unifi Fiberhome SR1041F backdoor root ssh access, Don't open port 80 on WAN side Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by Description A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. com/ # CVE : CVE FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. weak passwords and RCE vulnerabilities. This issue affects some unknown processing of the file . Explore the latest vulnerabilities and security issues of Fiberhome in the CVE database Track the latest Fiberhome vulnerabilities and their associated exploits, patches, CVSS and EPSS scores, proof of concept, links to malware, threat actors, and MITRE ATT&CK TTP information A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. 4GHz and 5GHz dual band Wi-Fi 6, High speed and low latency, maximum speed up to An issue was discovered on FiberHome HG6245D devices through RP2613. If you want Hello I have same router. Vulnerability Database Total number of vulnerabilities in the DB: 294,625 With exploit CVE-2021-27143 : An issue was discovered on FiberHome HG6245D devices through RP2613. webapps exploit for Hardware platform Setup XPON ONU SFP Stick Clone Stock ONU OMCI Info Fiberhome for who using Fiberhome ONT, high chance under Fiberhome OLT Standard, not Fiberhome OLT Universal ISP specific A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. a comprehensive collection of exploits, scripts, and tools designed for testing and exploiting vulnerabilities in various software and hardware systems. This exploit allows an attacker to remotely change the DNS servers on a FiberHome Modem Router HG-110. If you want Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting. This router has vulnerabilities where you can get information or edit configurations in an unauthenticated way. A vulnerability, which was classified as critical, was found in FiberHome HG6245D up to RP2613. These c Fiberhome Hg6245d Firmware version rp2613 security vulnerabilities, CVEs, exploits, vulnerability statistics, CVSS scores and references A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. These devices come with competitive CVE-2017-15647 . In particular, it has been providing end-to-end FiberHome HG-110 - Cross-Site Scripting / Directory Traversal. 0, Credentials of Admin are submitted in URL, which can be logged/sniffed. 2018-01-08 "FiberHome LM53Q1 - Multiple Vulnerabilities" webapps exploit for hardware platform Exploit VAR-E-202208-0063. There is a gepon password for the gepon account. This allows an attacker to execute arbitrary script code in the browser of a user # Exploit Title: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass # Date: 04/03/2018 # Exploit Author: Noman Riffat # Vendor Homepage: http://www. It has been rated as problematic. I see that your fw is with FiberHome logo. Unauthenticated. Find mitigation steps and preventive measures here. The telnet daemon on port 23/tcp can be abused with the gpon/gpon credentials. This quote is from 2019. O update foi tranquilo, baixei do site A vulnerability classified as critical has been found in FiberHome HG6245D up to RP2613. Affected is an unknown function of the file Authored by Pierre Kim FiberHome HG6245D routers suffer from bypass, hard-coded credentials, password disclosure, privilege escalation, denial of service, remote stack Proof of concepts for this vulnerability are scattered and have to be performed manually. Affected by this issue is some unknown functionality of the FiberHome Deals in fiber-optic communications, data networking communications, wireless communication, and intelligentizing applications. In a report, vendor: an5506-04-f by: Tauco 7,5 CVSS HIGH Command Injection 78 CWE Product Name: an5506-04-f Affected Version From: RP2609 Affected Version To: RP2609 Patch Exists: NO CVE-2025-52357 has a 3 public PoC/Exploit available at Github. FiberHome HG6245D devices是中国烽火通信（FiberHome）公司的一个路由器。提供网络联通功能。 FiberHome HG6245D devices中存在加密问题漏洞，该漏洞源于可以在 Multiple vulnerabilities have been discovered in the firmware of a popular FiberHome HG6245D router, widely deployed across South America and Southeast Asia. This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). This vulnerability is traded as CVE-2021-27165. jzl fsdcai kgt fpfgp zwjt gtbfy dotyqcw utqo oslnwpf ywy