FiberHome (Fiberhome Telecommunication Technologies Co.,LTD) — ~215 prefixes (MA-L)

FiberHome holds a large OUI footprint registered to "Fiberhome Telecommunication Technologies Co.,LTD" — 215 MA-L blocks in the cached IEEE registry, all carrying the address No.5 DongXin Road, Wuhan, Hubei, CN 430074 (a small subset uses the expanded "Wuhan City, Hubei Province" form). Consolidating these into one vendor entry is far more useful than minting 200-plus near-identical per-prefix pages. FiberHome Telecommunication Technologies Co., Ltd. (SSE: 600498) sits within China Information and Communication Technologies Group Corporation (CICT), a state-owned enterprise under SASAC formed in 2018 from the merger of FiberHome Technologies Group and Datang Telecom. A separate, much smaller registrant string — "Wuhan FiberHome Digital Technology Co.,Ltd." (2 MA-L blocks: 00:0A:C2 and 14:F8:93, registered at No.88 YouKeyuan Road, Hongshan District, Wuhan) — belongs to the same corporate family but is a distinct IEEE registrant and is noted here rather than merged. These OUIs appear overwhelmingly on GPON/FTTH optical network terminals (ONT/ONU) and ISP-supplied residential CPE gateways — confirmed deployed models include the HG6245D, AN5506-04-FA, and HG6145F1 — concentrated in South America and Southeast Asia. Security context is material for triage. In January 2021 researcher Pierre Kim published 41 CVEs against the HG6245D and AN5506-04-FA covering hardcoded/backdoor credentials (admin/888888, gpon/gpon, root/GEPON), authentication bypass via a telnet backdoor API, cleartext credential storage, and missing IPv6 WAN firewall rules, with a finding note that some backdoors appeared intentional; CVE-2025-63353 affects the HG6145F1, whose factory-default WPA/WPA2 PSK is derivable from the SSID (PSK = 0xFFFFFF minus the SSID hex value) with no authentication required. Regulatory context is also relevant: the US Commerce Department added the parent "Fiberhome Technologies Group" (and subsidiary "Nanjing FiberHome Starrysky") to the Entity List effective 2020-06-05 (85 FR 34506), citing alleged complicity in surveillance of Uighur and Muslim minority groups in Xinjiang. The practical read for an analyst: a FiberHome OUI on a subscriber LAN almost always means an ISP-supplied GPON ONT/CPE, so assume firmware-vulnerability risk is elevated absent confirmed patching; on a corporate or enterprise segment, flag for compliance review given the parent group's Entity List status. IEEE publishes no OUI assignment dates, so none is stated here.

IEEE assignment

215 prefixes → Fiberhome Telecommunication Technologies Co.,LTD, registered Wuhan, Hubei, CN [Confirmed] — IEEE MA-L (cached registry copy at enrichment/registries/oui.csv); representative blocks: 78:46:5F, 30:86:F1, 7C:C7:4A, AC:CB:36, EC:E6:A2, 10:07:1D, B0:5C:16, F4:57:3E (and 207 more)

Registry / block size

MA-L (24-bit OUI); 215 IEEE MA-L blocks. No MA-M (mam.csv) and no MA-S (oui36.csv) assignments exist for this registrant in the cached registries. [Confirmed] — IEEE MA-L/MA-M/MA-S cached CSVs. NOTE: IEEE's public OUI data publishes NO assignment/registration date (oui.csv columns are only Registry, Assignment, Organization Name, Organization Address); any "date registered" on third-party tools is a database artifact, not an IEEE fact.

HQ / country

No.5 DongXin Road, Wuhan, Hubei, CN 430074 (registry address; a later-row subset uses "Wuhan City, Hubei Province") [Confirmed] — IEEE MA-L

Company status

active; FiberHome Telecommunication Technologies Co., Ltd. is publicly listed (SSE: 600498) and is part of CICT, a SASAC state-owned enterprise [Confirmed] — en.wikipedia.org/wiki/FiberHome, stockanalysis.com/quote/sha/600498

Parent / corporate chain

FiberHome Telecommunication Technologies Co., Ltd. (SSE: 600498) → China Information and Communication Technologies Group Corporation (CICT), formed 2018 from FiberHome Technologies Group + Datang Telecom → affiliated to SASAC of the State Council [Confirmed] — en.wikipedia.org/wiki/FiberHome, govt.chinadaily.com.cn (CICT)

Device types

GPON/FTTH optical network terminals (ONT/ONU), GPON routers/CPE (residential fiber gateways), OLTs, broadband access equipment, optical fiber/cable, wireless access equipment [Confirmed] — en.fiberhome.com, netify.ai/resources/macs/brands/fiberhome

Notable products (confirmed deployed)

HG6245D (GPON FTTH router/ONT), AN5506-04-FA (GPON FTTH router), HG6145F1 (GPON ONU); ISP-deployed residential CPE, primarily South America and Southeast Asia [Confirmed] — pierrekim.github.io (2021 disclosure), en.fiberhome.com

Related registrant (same corporate family, distinct IEEE registrant string — NOT merged)

"Wuhan FiberHome Digital Technology Co.,Ltd." holds 2 MA-L blocks (00:0A:C2, 14:F8:93) at No.88 YouKeyuan Road, Hongshan District, Wuhan, Hubei 430074, CN [Confirmed] — IEEE oui.csv, hwaddress.com/company/wuhan-fiberhome-digital-technology-coltd

Security context

2021 Pierre Kim disclosure — 41 CVEs vs HG6245D / AN5506-04-FA: hardcoded/backdoor credentials (admin/888888, gpon/gpon, root/GEPON, admin/tele1234), telnet backdoor API auth bypass, cleartext credential storage, missing IPv6 WAN firewall rules, weak XOR password encryption, world-readable hardcoded SSL keys; full-disclosure with allegation some backdoors were intentional. CVE-2025-63353 — HG6145F1 GPON ONU predictable factory Wi-Fi PSK (PSK = 0xFFFFFF − SSID hex), no auth required. CVE-2021-27173 (and related) — AN5506-01A XSS in NAT submenu. [Confirmed] — pierrekim.github.io/blog/2021-01-12-fiberhome-ont-0day-vulnerabilities.html, medium.com (CVE-2025-63353), latesthackingnews.com

Regulatory context (factual, not advocacy)

US Commerce Dept Entity List — "Fiberhome Technologies Group" (parent of this registrant family) + subsidiary "Nanjing FiberHome Starrysky Communication Development" added effective 2020-06-05 (85 FR 34506), cited for alleged complicity in surveillance of Uighur/Kazakh Muslim minorities in Xinjiang; US suppliers need a special export license (few granted). Third Chinese comms-tech company on the Entity List after ZTE and Huawei. [Confirmed] — lightwaveonline.com (Entity List), reedsmith.com, globaltradeandsanctionslaw.com

Special note

prefix count (215) is sourced from the cached IEEE MA-L registry and drifts as FiberHome registers more blocks; IEEE publishes no per-company total. Third-party tools report differing counts because some merge or split the "Fiberhome Telecommunication Technologies Co.,LTD" and "Wuhan FiberHome Digital Technology Co.,Ltd." registrant strings. [Confirmed] — IEEE MA-L, maclookup.app, netify.ai

Analyst note

A FiberHome MAC on a subscriber LAN is almost certainly an ISP-supplied GPON ONT or residential CPE gateway (HG6245D-class). Treat as an edge device with elevated firmware-vulnerability risk absent confirmed patching — particularly IPv6 WAN-facing services per the 2021 disclosure. On a corporate/enterprise segment rather than a subscriber CPE port, flag for compliance review given the parent group's Entity List status.