CVE-2021-27176

Vulnerability

The FiberHome HG6245D router stores Wi-Fi credentials in cleartext in the file wifictl_5g.cfg, which is assigned permissions 0644, making it readable by any user on the device. This issue affects firmware versions through RP2613, including RP2602 and RP2613 [1].

Exploitation

An attacker who gains any level of access to the device's filesystem—for example, via a compromised web session, telnet, or other means—can read wifictl_5g.cfg to obtain the cleartext Wi-Fi passwords. No additional authentication or special privileges are required beyond the ability to read the file [1].

Impact

Successful exploitation results in the disclosure of the Wi-Fi network's pre-shared key (PSK), allowing the attacker to connect to the Wi-Fi network and potentially access other devices on the same network. The confidentiality of the wireless network is compromised [1].

Mitigation

As of the publication date (February 2021), no firmware update or official fix has been released by FiberHome to address this issue. The latest firmware version (RP2613) remains vulnerable. Users may consider restricting access to the device's management interface or manually changing file permissions, though no vendor-supported workaround is available [1].