7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
41.4%
The length of the input fields of Host Engineering H0-ECOM100, H2-ECOM100, and H4-ECOM100 modules are verified only on the client side when receiving input from the configuration web server, which may allow an attacker to bypass the check and send input to crash the device.
CPE | Name | Operator | Version |
---|---|---|---|
hosteng:h0-ecom100_firmware | hosteng h0-ecom100 firmware | le | 4.0.348 |
[
{
"product": "Host Engineering H0-ECOM100 Module",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Hardware Versions 6x and prior with Firmware Versions 4.0.348 and prior"
},
{
"status": "affected",
"version": "Hardware Version 7x with Firmware Versions 4.1.113 and prior"
},
{
"status": "affected",
"version": "Hardware Version 9x with Firmware Versions 5.0.149 and prior"
}
]
},
{
"product": "Host Engineering H2-ECOM100 Module",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Hardware Versions 5x and prior with Firmware Versions 4.0.2148 and prior"
},
{
"status": "affected",
"version": "Hardware Version 8x with Firmware Versions 5.0.1043 and prior"
}
]
},
{
"product": "Host Engineering H4-ECOM100 Module",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Firmware Versions 4.0.2148 and prior"
}
]
}
]
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
41.4%