cvedb.io
CVE-2021-42912
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2021-12-16T17:15:07.980 · Last modified 2026-06-17T04:10:16.010

Summary

FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This vulnerability allows the attacker, once logged in, to send commands to the operating system as the root user via the ping diagnostic tool, bypassing the IP address field, and concatenating OS commands with a semicolon.

Affected products

fiberhome — an5506-01-a_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when fiberhome ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.