Fiberhome Lm53Q1 Firmware vulnerabilities
3 known vulnerabilities affecting fiberhome/lm53q1_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2017-16887P2CRITICALCVSS 9.8PoCvvh519r05c01s382018-01-12
CVE-2017-16887 [CRITICAL] CWE-275 CVE-2017-16887: The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services
The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services can result in disclosure of the WLAN key/password.
nvd
CVE-2017-16885P2CRITICALCVSS 9.8PoCvvh519r05c01s382018-01-12
CVE-2017-16885 [CRITICAL] CWE-732 CVE-2017-16885: Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for
Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating. The information includes Version of device, Firmware ID, Connected users to device along their MAC Add
nvd
CVE-2017-16886P2HIGHCVSS 8.8PoCvvh519r05c01s382018-01-12
CVE-2017-16886 [HIGH] CWE-352 CVE-2017-16886: The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services
The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services via CSRF can result in an unauthorized change of username or password of the administrator of the portal.
nvd