Insecure Storage of Sensitive Information
CVE-2021-27170
Summary
An issue was discovered on FiberHome HG6245D devices through RP2613. By default, there are no firewall rules for IPv6 connectivity, exposing the internal management interfaces to the Internet.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-922 - Insecure Storage of Sensitive Information
The software stores sensitive information without properly limiting read or write access by unauthorized actors.
References
Advisory Timeline
- Published