14 matches found
EUVD-2017-16342
Malware in sbrugna...
EUVD-2017-16343
Malware in sbrugna...
EUVD-2017-16344
Malware in sbrugna...
Cross site scripting
An issue was discovered on Humax Digital HG100R 2.0.6 devices. There is XSS on the 404 page...
Design/Logic Flaw
An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...
Default credentials
An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin...
CVE-2017-7316
An issue was discovered on Humax Digital HG100R 2.0.6 devices. There is XSS on the 404 page...
CVE-2017-7317
An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...
CVE-2017-7315
An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin...
CVE-2017-7315
CVE-2017-7315 concerns Humax Digital HG100R devices (version 2.0.6). The vulnerability enables download of the backup file without authentication, and GatewaySettings.bin includes the router credentials in plaintext. This exposes sensitive credentials and configuration to an attacker who can obta...
CVE-2017-7316
CVE-2017-7316 affects Humax Digital HG100R devices running firmware 2.0.6, with a reflected XSS on the 404 page. The NVD entry describes network-exposed XSS that requires user interaction (CVSS3: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N; base 6.1). Related sources (CNVD/NVD/CVE listings) corroborate t...
CVE-2017-7316
An issue was discovered on Humax Digital HG100R 2.0.6 devices. There is XSS on the 404 page...
CVE-2017-7317
Summary: CVE-2017-7317 affects Humax Digital HG100 router devices (HG100, firmware 2.0.6). The vulnerability arises because the root credentials can be found in the backup file GatewaySettings.bin, enabling an attacker to obtain credentials stored in plaintext. This impacts confidentiality, integ...
Humax Digital HG100R Cross-Site Scripting Vulnerability
The Humax Digital HG100R is a router from the Korean company Humax Digital. A cross-site scripting vulnerability exists in the 404 page in version 2.0.6 of the Humax Digital HG100R. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...