CVE-2021-27179

Vulnerability

The telnet daemon in FiberHome HG6245D devices through firmware version RP2613 can be crashed by sending a specific hex string 0a 65 6e 61 62 6c 65 0a 02 0a 1a 0a [1]. This string is likely interpreted as a command sequence that triggers a crash. The vulnerability exists in all firmware versions up to and including RP2613 [1].

Exploitation

An attacker only needs network access to the telnet daemon, which is not enabled by default but can be enabled via the web interface. For devices where telnet is enabled (e.g., through the backdoor steps described in the reference), the attacker can send the crafted string over TCP port 23 [1].

Impact

Successful exploitation causes a denial of service (DoS) of the telnet daemon, preventing legitimate administrative access via telnet. The device itself may remain operational, but telnet functionality becomes unavailable until the daemon is restarted [1].

Mitigation

As of the publication date, no patch has been released. The vendor has not provided a fix. The telnet daemon is disabled by default, so users who do not enable it are not affected. However, if telnet is essential, avoid exposing it to untrusted networks [1].