Humaxdigital Hg100R Firmware vulnerabilities
4 known vulnerabilities affecting humaxdigital/hg100r_firmware.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2017-11435P2CRITICALCVSS 9.8PoCv2.0.62017-07-19
CVE-2017-11435 [CRITICAL] CWE-200 CVE-2017-11435: The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via s
The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router is configured to expose the management console. The router is not validating the session token while returning answers for some methods in url '/api
nvd
CVE-2017-7315P3CRITICALCVSS 9.8PoCv2.0.62017-07-04
CVE-2017-7315 [CRITICAL] CWE-306 CVE-2017-7315: An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not
An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin.
nvd
CVE-2017-7317P3CRITICALCVSS 9.8v2.0.62017-07-04
CVE-2017-7317 [CRITICAL] CWE-200 CVE-2017-7317: An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credent
An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin.
nvd
CVE-2017-7316P4MEDIUMCVSS 6.1v2.0.62017-07-04
CVE-2017-7316 [MEDIUM] CWE-79 CVE-2017-7316: An issue was discovered on Humax Digital HG100R 2.0.6 devices. There is XSS on the 404 page.
An issue was discovered on Humax Digital HG100R 2.0.6 devices. There is XSS on the 404 page.
nvd