CRITICAL🇬🇧 English

CVE-2017-16885

CVSS 9.8v3.0pub. 2018-01-12upd. 2024-11-21

Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating. The information includes Version of device, Firmware ID, Connected users to device along their MAC Addresses, etc.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fiberhome Lm53q1

    HW
    Fiberhome
    wszystkie wersje
  • Fiberhome Lm53q1 Firmware

    OS
    Fiberhome
    vh519r05c01s38
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2017-16887CRITICAL9.8ten sam produkt

The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order t...

CVE-2017-16886HIGH8.8ten sam produkt

The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order t...

CVE-2025-63353CRITICAL9.8PL ✓ten sam vendor

FiberHome HG6145F1 — przewidywalne domyślne hasło Wi-Fi na podstawie SSID

CVE-2021-27143CRITICAL9.8ten sam vendor

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded use...

CVE-2021-27141CRITICAL9.8ten sam vendor

An issue was discovered on FiberHome HG6245D devices through RP2613. Credentials in /fhconf/umconfig.txt are o...