CVE-2021-27157
First published: Wed Feb 10 2021(Updated: )
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded admin / 888888 credentials for an ISP.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fiberhome Hg6245d Firmware | <=rp2613 | |
| Fiberhome Hg6245d Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-27157.
What is the severity of CVE-2021-27157?
The severity of CVE-2021-27157 is critical with a CVSS score of 9.8.
How does CVE-2021-27157 affect FiberHome HG6245D devices?
CVE-2021-27157 allows unauthorized access to FiberHome HG6245D devices through the web daemon using the hardcoded admin / 888888 credentials.
How can I fix CVE-2021-27157?
To fix CVE-2021-27157, FiberHome HG6245D devices should update to a firmware version that removes the hardcoded credentials.
Where can I find more information about CVE-2021-27157?
More information about CVE-2021-27157 can be found at https://pierrekim.github.io/blog/2021-01-12-fiberhome-ont-0day-vulnerabilities.html#httpd-hardcoded-credentials.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/fiberhome
- canonical/fiberhome hg6245d firmware
- version/fiberhome hg6245d firmware/rp2613