Vulnerabilities (CVE)

Filtered by vendor Fiberhome Subscribe
Filtered by product An5506-02-b Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38814 1 Fiberhome 2 An5506-02-b, An5506-02-b Firmware 2024-11-21 N/A 5.4 MEDIUM
A stored cross-site scripting (XSS) vulnerability in the auth_settings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfg_loid text field.
CVE-2021-42912 1 Fiberhome 12 Aan5506-04-g2g Firmware, An5506-01-a, An5506-01-a Firmware and 9 more 2024-11-21 9.0 HIGH 8.8 HIGH
FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This vulnerability allows the attacker, once logged in, to send commands to the operating system as the root user via the ping diagnostic tool, bypassing the IP address field, and concatenating OS commands with a semicolon.