Full Disclosure mailing list archives
SSD Advisory – FiberHome Directory Traversal
From: Maor Shwartz <maors () beyondsecurity com>
Date: Sun, 15 Oct 2017 08:12:54 +0300
SSD Advisory – FiberHome Directory Traversal Full report: https://blogs.securiteam.com/index.php/archives/3472 Twitter: @SecuriTeam_SSD Weibo: SecuriTeam_SSD Vulnerability Summary The following advisory describes a directory traversal vulnerability found in FiberHome routers. FiberHome Technologies Group “was established in 1974. After continuous and intensive development for over 40 years, its business has been extended to R&D, manufacturing, marketing & sales, engineering service, in 4 major areas: fiber-optic communications, data networking communications, wireless communication, and intelligentizing applications. In particular, it has been providing end-to- end solutions integrated with opto-electronic devices, opticpreforms, fiber & cables, and optical communication systems to many countries around the world.” Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor response We tried to contact FiberHome since September 6 2017, repeated attempts to establish contact went unanswered. At this time there is no solution or workaround for the vulnerability. -- Thanks Maor Shwartz Beyond Security GPG Key ID: 93CC36E2DE7FF514
Attachment:
SSD Advisory – FiberHome Directory Traversal – SecuriTeam Blogs.pdf
Description:
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- SSD Advisory – FiberHome Directory Traversal Maor Shwartz (Oct 17)