Skip to main content

Vdsl2 Modem Hg 150 Ub Firmware

2 CVEs product

Monthly

CVE-2018-9249 CRITICAL Act Now

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Vdsl2 Modem Hg 150 Ub Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
6.3%
CVE-2018-9248 CRITICAL POC THREAT Act Now

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Vdsl2 Modem Hg 150 Ub Firmware
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
15.3%
EPSS 6% CVSS 9.8
CRITICAL Act Now

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Vdsl2 Modem Hg 150 Ub Firmware
NVD GitHub
EPSS 15% CVSS 9.8
CRITICAL POC THREAT Act Now

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Vdsl2 Modem Hg 150 Ub Firmware
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy