This exploit demonstrates an unauthenticated remote DNS change vulnerability in FIBERHOME AN5506 routers by sending a crafted HTTP request to the web interface. The PoC uses curl to modify DHCP settings, including DNS servers, without authentication.
Classification
Working Poc 95%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target:FIBERHOME AN5506-04-F (RP2617)
No auth needed
Prerequisites:Network access to the target device · Curl or similar HTTP client