Описание
An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin.
Ссылки
- ExploitMailing ListVDB Entry
- ExploitMailing ListVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:humaxdigital:hg100r_firmware:2.0.6:*:*:*:*:*:*:*
cpe:2.3:h:humaxdigital:hg100r:-:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00887
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-306
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin.
EPSS
Процентиль: 75%
0.00887
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-306