cvedb.io
CVE-2017-14147
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2017-09-07T14:29:00.290 · Last modified 2026-06-17T01:05:41.020

Summary

An issue was discovered on FiberHome User End Routers Bearing Model Number AN1020-25 which could allow an attacker to easily restore a router to its factory settings by simply browsing to the link http://[Default-Router-IP]/restoreinfo.cgi & execute it. Due to improper authentication on this page, the software accepts the request hence allowing attacker to reset the router to its default configurations which later could allow attacker to login to router by using default username/password.

Affected products

fiberhome — adsl_an1020-25_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when fiberhome ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.