CVE-2017-16887

CRITICAL

FiberHome Mobile WIFI Device - Info Disclosure

Title source: llm

Description

The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services can result in disclosure of the WLAN key/password.

Exploits (1)

exploitdb WORKING POC

by Ibad Shah · pythonwebappshardware

https://www.exploit-db.com/exploits/43460

View Code ZIP pw:eip

References (2)

[Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2018/Jan/28

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/43460/

Scores

CVSS v3 9.8

EPSS 0.0395

EPSS Percentile 88.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-275

Status published

Products (1)

fiberhome/lm53q1_firmware vh519r05c01s38

Published Jan 12, 2018

Tracked Since Feb 18, 2026