Ibad Shah

Name of the Vulnerable Software and Affected Versions: FiberHome LM53Q1 version VH519R05C01S38 Description: The issue is related to improper permissions handling in the portal of the affected device, allowing remote attackers to obtain sensitive information without authentication. This information includes the device version, firmware ID, connected users, and their MAC addresses. Recommendations: For FiberHome LM53Q1 version VH519R05C01S38, consider restricting access to the portal until a fix is available to prevent unauthorized information disclosure. As a temporary workaround, limit the exposure of the device to the internet or implement additional authentication mechanisms to protect sensitive information.

Name of the Vulnerable Software and Affected Versions: FiberHome Mobile WIFI Device Model LM53Q1 version VH519R05C01S38 Description: The issue concerns unauthorized access to web services via CSRF, which can lead to changes in the administrator's username or password. This is due to the use of SOAP-based web services for interaction with the portal. Recommendations: For FiberHome Mobile WIFI Device Model LM53Q1 version VH519R05C01S38, consider implementing CSRF protection mechanisms to prevent unauthorized access to web services, such as validating request tokens or using same-site cookies to restrict access. As a temporary workaround, restrict access to the web services API to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: FiberHome Mobile WIFI Device Model LM53Q1 version VH519R05C01S38 Description: The issue concerns unauthorized access to web services on the device, which can lead to the disclosure of the WLAN key/password. The portal uses SOAP-based web services for interaction. Recommendations: For FiberHome Mobile WIFI Device Model LM53Q1 version VH519R05C01S38, consider restricting access to the SOAP-based web services to minimize the risk of exploitation. Avoid using the device's web services until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ZTE ZXDSL 831CII (affected versions not specified) **Description** The issue concerns the connoppp.cgi component on ZTE ZXDSL 831CII devices, which does not require HTTP Basic Authentication. This allows remote attackers to modify the PPPoE configuration or set up a malicious configuration via a GET request to the `/connoppp.cgi` API endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FiberHome User End Routers version AN1020-25 **Description** An issue was discovered that could allow an attacker to easily restore a router to its factory settings by browsing to the "http://[Default-Router-IP]/restoreinfo.cgi" API endpoint and executing it. Due to improper authentication on this page, the software accepts the request, allowing the attacker to reset the router to its default configurations, which could later allow the attacker to login to the router using the default `username` and `password`. **Recommendations** For FiberHome User End Routers version AN1020-25, as a temporary workaround, consider restricting access to the "/restoreinfo.cgi" API endpoint to minimize the risk of exploitation. Avoid using the default `username` and `password` until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.