A Fourth Estate® Service

Thursday, February 25, 2021

Multiple Security Vulnerabilities Detected in FiberHome Routers

Security researcher Pierre Kim reported that he discovered a few security issues with FiberHome HG6245D and FiberHome RP2602.

Security researcher Pierre Kim reported that he discovered a few security issues with FiberHome HG6245D and FiberHome RP2602.

According to Kim, there were 28 backdoor accounts and several other vulnerabilities in the firmware of a popular  Fiber-to-the-Home Optical Network Terminal (FTTH ONT) routers.

Kim explained that the router firmware prevents web panel breaches by protecting the IPv4 interface and prevents botnet threats by disabling the Telnet management feature.

Despite those protections, the routers do not have the same measures for the IPv6 interface and MAC address leakage, storage of passwords and cookies in plaintext, exposure of SSL certificate stored on the device, and 22 hardcoded credentials in the management panel.

Kim suspected that suspects these issues may also impact other models due to similarities in coding.

Kim said he found and reported these issues in January 2020 and but is not sure if the vulnerabilities have been patched already. 

Fiberhome has not yet made a statement regarding the exposed vulnerabilities. 

Article © 2021 Fourth Estate® — All rights reserved.
This material may not be published, broadcast, rewritten or redistributed.

Recent Articles

Get the Daily NewsBrief in your inbox

Related Stories