Published: 07/09/2017 Updated: 02/07/2021

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

An issue exists on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an malicious user to easily restore a router to its factory settings by simply browsing to the link [Default-Router-IP]/restoreinfo.cgi & execute it. Due to improper authentication on this page, the software accepts the request hence allowing malicious user to reset the router to its default configurations which later could allow malicious user to login to router by using default username/password.

Vulnerable Product	Search on Vulmon	Subscribe to Product
fiberhome adsl_an1020-25_firmware -

Title: ==== FiberHome Unauthenticated ADSL Router Factory Reset Credit: ====== Name: Ibad Shah Twitter: @BeeFaauBee09 Website: beefaaubee09githubio CVE: ===== CVE-2017-14147 Date: ==== 05-09-2017 (dd/mm/yyyy) About FiberHome: ====== FiberHome Technologies is a leading equipment vendor and global solution provider the field of informati ...

FiberHome suffers from an unauthenticated ADSL router factory reset vulnerability ...

CWE-287 http://packetstormsecurity.com/files/144022/FiberHome-Unauthenticated-ADSL-Router-Factory-Reset.html https://www.exploit-db.com/exploits/42649/https://beefaaubee09.github.io/fiberhome-adsls-dos/https://nvd.nist.gov https://www.exploit-db.com/exploits/42649/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-14147

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect