Vulnerability in Fiberhome Hg6245d

CVE-2021-27156

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains credentials for an ISP that equal the last part of the MAC address of the br0 interface.

EPSS: 0.145 (96.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2021-27156?
CVE-2021-27156 is a critical-severity vulnerability in Fiberhome Hg6245d, classified under Use of Hard-coded Credentials. CVSS score: 9.8/10. Published 2021-02-10.
How severe is CVE-2021-27156?
Critical severity. CVSS v3 base score is 9.8 out of 10.