Buffer overflow in Fiberhome An5506-04-fa
CVE-2021-4464
FiberHome AN5506-04-FA firmware versions up to and including RP2631 and HG6245D prior to RP2602 contain a stack-based buffer overflow, as the HTTP service ('webs') fails to enforce maximum lengths for Cookie header values. When a cookie lo…
Vulnerability class: Buffer Overflow
EPSS: 0.018 (75.4th percentile) — read the EPSS interpretation.
Affected products
- Fiberhome An5506-04-fa — versions 0
- Fiberhome Hg6245d — versions 0
Weakness classification (CWE)
References
- disclosure@vulncheck.com (technical-description, exploit)
- disclosure@vulncheck.com (technical-description, exploit)
- disclosure@vulncheck.com (third-party-advisory)