VARIoT IoT vulnerabilities database
| VAR-202102-1392 | CVE-2021-27161 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 1234 credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1386 | CVE-2021-27155 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 3UJUh2VemEfUtesEchEC2d2e credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1385 | CVE-2021-27154 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / G0R2U1P2ag credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1384 | CVE-2021-27153 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded trueadmin / admintrue credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1377 | CVE-2021-27146 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / CUadmin credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1378 | CVE-2021-27147 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / admin credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1387 | CVE-2021-27156 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains credentials for an ISP that equal the last part of the MAC address of the br0 interface. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a GPON FTTH router launched by FiberHome.
There is a trust management vulnerability in FiberHome HG6245D. The vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can use this vulnerability to attack affected components using default passwords or hard-coded passwords, hard-coded certificates, etc
| VAR-202102-1376 | CVE-2021-27145 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / lnadmin credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1382 | CVE-2021-27151 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded rootmet / m3tr0r00t credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-0407 | CVE-2020-29171 | WordPress for Tips and Tricks HQ All In One WP Security & Firewall Cross-site scripting vulnerability in plugins |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in admin/wp-security-blacklist-menu.php in the Tips and Tricks HQ All In One WP Security & Firewall (all-in-one-wp-security-and-firewall) plugin before 4.4.6 for WordPress
| VAR-202102-1410 | CVE-2021-27167 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. There is a password of four hexadecimal characters for the admin account. These characters are generated in init_3bb_password in libci_adaptation_layer.so. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. FiberHome HG6245D devices is a router of China FiberHome. Provide network connectivity function.
There is a trust management vulnerability in FiberHome HG6245D devices. Attackers can use this vulnerability to attack the affected components using default passwords or hard-coded passwords, hard-coded certificates, etc
| VAR-202102-1412 | CVE-2021-27169 | FiberHome AN5506-04-FA Vulnerability in using hard-coded credentials on devices |
CVSS V2: 5.0 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome AN5506-04-FA devices with firmware RP2631. There is a gepon password for the gepon account. FiberHome AN5506-04-FA A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. FiberHome AN5506-04-FA is a router of China Fiberhome. Fiber is an open source web framework written in Go language.
A trust management vulnerability exists in FiberHome AN5506-04-FA. Attackers can use this vulnerability to attack the affected components using default passwords or hard-coded passwords, hard-coded certificates, etc
| VAR-202102-1420 | CVE-2021-27177 | FiberHome HG6245D Illegal Authentication Vulnerability in Device |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass authentication by sending the decoded value of the GgpoZWxwCmxpc3QKd2hvCg== string to the telnet server. FiberHome HG6245D The device contains a vulnerability related to unauthorized authentication.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has an authentication bypass vulnerability
| VAR-202102-1421 | CVE-2021-27178 | FiberHome HG6245D Vulnerability in plaintext storage of important information on devices |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue was discovered on FiberHome HG6245D devices through RP2613. Some passwords are stored in cleartext in nvram. FiberHome HG6245D A device contains a vulnerability in the plaintext storage of important information.Information may be obtained. HG6245D is a FTTH ONT router launched by FiberHome
| VAR-202102-1395 | CVE-2021-27164 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / aisadmin credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. FiberHome HG6245D devices is a router of China FiberHome. Provide network connectivity function.
There is a trust management vulnerability in FiberHome HG6245D devices. Attackers can use this vulnerability to attack the affected components using default passwords or hard-coded passwords, hard-coded certificates, etc
| VAR-202102-1383 | CVE-2021-27152 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded awnfibre / fibre@dm!n credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202102-1379 | CVE-2021-27148 | FiberHome HG6245D Vulnerability in using hard-coded credentials on devices |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded telecomadmin / nE7jA%5m credentials for an ISP. FiberHome HG6245D A device contains a vulnerability in the use of hard-coded credentials.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. HG6245D is a FTTH ONT router launched by FiberHome.
FiberHome HG6245D has a hard-coded credential vulnerability. No detailed vulnerability details are currently provided
| VAR-202103-0463 | CVE-2020-9213 | plural Huawei Product vulnerabilities in handling exceptional conditions |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft many specific packets. Successful exploit may cause some services to be abnormal. Affected products include some versions of NGFW Module, NIP6300, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500, Secospace USG6600 and SG9500. plural Huawei The product contains a vulnerability in handling exceptional conditions.Denial of service (DoS) It may be put into a state
| VAR-202102-0791 | CVE-2021-21511 | Dell EMC Avamar Server Authentication Vulnerability in Microsoft |
CVSS V2: 5.5 CVSS V3: 8.1 Severity: HIGH |
Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. A remote low privileged attacker could potentially exploit this vulnerability, to gain unauthorized read or modification access to other users' backup data. DELL Dell EMC Avamar Server is a set of fully virtualized backup and recovery software for servers from Dell (DELL). An authorization issue vulnerability exists in Dell EMC Avamar Server, which originates from the lack of authentication measures or insufficient authentication strength in network systems or products
| VAR-202102-0772 | CVE-2020-8701 | Intel(R) SSD Toolbox Inappropriate Default Permission Vulnerability |
CVSS V2: 4.6 CVSS V3: 6.7 Severity: MEDIUM |
Incorrect default permissions in installer for the Intel(R) SSD Toolbox versions before 2/9/2021 may allow a privileged user to potentially enable escalation of privilege via local access. Intel(R) SSD Toolbox Is vulnerable to incorrect default permissions.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. A default configuration problem vulnerability exists in Intel SSD Toolbox, which originates from the use of insecure default configurations in network systems or products