VARIoT IoT vulnerabilities database
| VAR-202102-1417 | CVE-2021-27174 | FiberHome HG6245D Vulnerability in plaintext storage of important information on devices |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on FiberHome HG6245D devices through RP2613. wifi_custom.cfg has cleartext passwords and 0644 permissions. FiberHome HG6245D A device contains a vulnerability in the plaintext storage of important information.Information may be obtained. HG6245D is a FTTH ONT router launched by FiberHome.
The wifi_custom.cfg in FiberHome HG6245D has a security vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1418 | CVE-2021-27175 | FiberHome HG6245D Vulnerability in plaintext storage of important information on devices |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_2g.cfg has cleartext passwords and 0644 permissions. FiberHome HG6245D A device contains a vulnerability in the plaintext storage of important information.Information may be obtained. HG6245D is a FTTH ONT router launched by FiberHome.
The wifictl_2g.cfg in FiberHome HG6245D has a security vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1375 | CVE-2021-27144 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded f~i!b@e#r$h%o^m*esuperadmin / s(f)u_h+g|u credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1374 | CVE-2021-27143 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / user1234 credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1396 | CVE-2021-27165 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The telnet daemon on port 23/tcp can be abused with the gpon/gpon credentials. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. FiberHome HG6245D devices is a router of China FiberHome. Provide network connectivity function.
There is a trust management vulnerability in FiberHome HG6245D devices. Attackers can use this vulnerability to attack the affected components using default passwords or hard-coded passwords, hard-coded certificates, etc
| VAR-202102-1373 | CVE-2021-27142 | FiberHome HG6245D devices trust management issue vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web management is done over HTTPS, using a hardcoded private key that has 0777 permissions. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information may be obtained. FiberHome HG6245D devices is a router of China FiberHome. Provide network connectivity function.
There is a trust management vulnerability in FiberHome HG6245D devices
| VAR-202102-1372 | CVE-2021-27141 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. Credentials in /fhconf/umconfig.txt are obfuscated via XOR with the hardcoded *j7a(L#yZ98sSd5HfSgGjMj8;Ss;d)(*&^#@$a2s0i3g key. (The webs binary has details on how XOR is used.). FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
| VAR-202102-1371 | CVE-2021-27140 | FiberHome HG6245D Vulnerability in plaintext storage of important information on devices |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to find passwords and authentication cookies stored in cleartext in the web.log HTTP logs. FiberHome HG6245D A device contains a vulnerability in the plaintext storage of important information.Information may be obtained
| VAR-202102-1370 | CVE-2021-27139 | FiberHome HG6245D Vulnerabilities in devices |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to extract information from the device without authentication by disabling JavaScript and visiting /info.asp. FiberHome HG6245D An unspecified vulnerability exists in the device.Information may be obtained
| VAR-202102-1411 | CVE-2021-27168 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. There is a 6GFJdY4aAuUKJjdtSn7d password for the rdsadmin account. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. FiberHome HG6245D devices is a router of China FiberHome. Provide network connectivity function.
There is a trust management vulnerability in FiberHome HG6245D devices. Attackers can use this vulnerability to attack the affected components using default passwords or hard-coded passwords, hard-coded certificates, etc
| VAR-202102-1409 | CVE-2021-27166 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The password for the enable command is gpon. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. FiberHome HG6245D devices is a router of China FiberHome. Provide network connectivity function.
There is a trust management vulnerability in FiberHome HG6245D devices. Attackers can use this vulnerability to attack the affected components using default passwords or hard-coded passwords, hard-coded certificates, etc
| VAR-202102-1413 | CVE-2021-27170 | FiberHome HG6245D devices default configuration problem vulnerability |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no firewall rules for IPv6 connectivity, exposing the internal management interfaces to the Internet. FiberHome HG6245D A device contains a vulnerability in the insecure storage of important information.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. FiberHome HG6245D devices is a router of China FiberHome. Provide network connectivity function
| VAR-202102-1380 | CVE-2021-27149 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded adminpldt / z6dUABtl270qRxt7a2uGTiw credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1381 | CVE-2021-27150 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded gestiontelebucaramanga / t3l3buc4r4m4ng42013 credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1389 | CVE-2021-27158 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded L1vt1m4eng / 888888 credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1393 | CVE-2021-27162 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / tattoo@home credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1391 | CVE-2021-27160 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / 888888 credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1390 | CVE-2021-27159 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded useradmin / 888888 credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1388 | CVE-2021-27157 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 888888 credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1394 | CVE-2021-27163 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / tele1234 credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided