Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:26 a.m.6 views

CVE-2021-28149

Hongdian H8922 3.0.5 devices allow Directory Traversal. The /logdownload.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ e.g., ../../etc/passwd This can be carried out with a web...

6.5CVSS6.8AI score0.13751EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2021/05/27 12:0 a.m.20 views

Hongdian H8922 Command Injection (CVE-2021-28151; CVE-2021-28149)

A command injection vulnerability exists in Hongdian H8922. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.4AI score0.27912EPSS
Exploits2
CVE
CVE
added 2021/05/06 3:12 p.m.96 views

CVE-2021-28149

CVE-2021-28149 (Hongdian H8922 3.0.5) is a local file inclusion vulnerability in the device’s /log_download.cgi log export handler. The issue arises because user input is not validated, allowing a remote attacker with minimal privileges to download arbitrary files from the device by substituting ...

6.5CVSS6.7AI score0.13751EPSS
In wildExploits1References2Affected Software1
Circl
Circl
added 2021/04/29 7:23 a.m.25 views

CVE-2021-28149

creationtimestamp| type| source ---|---|--- 2021-04-29 07:23:32+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/277 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-28149.yaml 2025-01-26 00:00:00+00:00|...

6.5CVSS6.9AI score0.13751EPSS
In wildExploits1References4
Rows per page
Query Builder