VYPR

Hg100r Firmware

by Humaxdigital

CVEs (4)

  • CVE-2017-11435CriJul 19, 2017
    risk 0.68cvss 9.8epss 0.10

    The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router is configured to expose the management console. The router is not validating…

  • CVE-2017-7317CriJul 4, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin.

  • CVE-2017-7315CriJul 4, 2017
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin.

  • CVE-2017-7316MedJul 4, 2017
    risk 0.40cvss 6.1epss 0.01

    An issue was discovered on Humax Digital HG100R 2.0.6 devices. There is XSS on the 404 page.