CVE-2021-27140
HIGHFiberHome HG6245D Firmware < RP2613 - Cleartext Storage of Sensitive Information in HTTP Logs
Title source: llmDescription
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to find passwords and authentication cookies stored in cleartext in the web.log HTTP logs.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://pierrekim.github.io/blog/2021-01-12-fiberhome-ont-0day-vulnerabilities.html#httpd-passwords-logs
Scores
CVSS v3
7.5
EPSS
0.1886
EPSS Percentile
96.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-312
Status
published
Products (1)
fiberhome/hg6245d_firmware
< rp2613
Published
Feb 10, 2021
Tracked Since
Feb 18, 2026