CVE-2017-14147CVE-2017-14147

Affected configuration(s):

cpe:/o:fiberhomegroup:adsl_an1020-25_firmware:-

Date published: 2017-09-07T10:29:00.290-04:00

Date last modified: 2017-11-28T21:29:07.527-05:00

CVSS Score: 7.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://packetstormsecurity.com/files/144022/FiberHome-Unauthenticated-ADSL-Router-Factory-Reset.html

Summary: An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to easily restore a router to its factory settings by simply browsing to the link http://[Default-Router-IP]/restoreinfo.cgi & execute it. Due to improper authentication on this page, the software accepts the request hence allowing attacker to reset the router to its default configurations which later could allow attacker to login to router by using default username/password.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.