cvedb.io
CVE-2017-16885
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2018-01-12T17:29:00.897 · Last modified 2026-06-17T01:10:05.563

Summary

Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating. The information includes Version of device, Firmware ID, Connected users to device along their MAC Addresses, etc.

Affected products

fiberhome — lm53q1_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when fiberhome ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.