Vulnerability in Fiberhome Hg6245d
CVE-2021-27156
An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains credentials for an ISP that equal the last part of the MAC address of the br0 interface.
EPSS: 0.145 (96.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Fiberhome Hg6245d
- Fiberhome Hg6245d_firmware
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (Exploit, Third Party Advisory, x_refsource_MISC)
Frequently asked questions
- What is CVE-2021-27156?
- CVE-2021-27156 is a critical-severity vulnerability in Fiberhome Hg6245d, classified under Use of Hard-coded Credentials. CVSS score: 9.8/10. Published 2021-02-10.
- How severe is CVE-2021-27156?
- Critical severity. CVSS v3 base score is 9.8 out of 10.