VYPR

HG100

by Humaxdigital

CVEs (5)

  • CVE-2019-11061Aug 29, 2019
    risk 0.01cvss epss 0.04

    A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10…

  • CVE-2019-15912Dec 20, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can use the ZigBee trust center rejoin procedure to perform mutiple denial of service attacks.

  • CVE-2019-15911Dec 20, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause the multiple denial of service attacks, take over smart…

  • CVE-2019-15910Dec 20, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Attackers can utilize the "discover ZigBee network procedure" to perform a denial of service attack.

  • CVE-2019-11060Aug 29, 2019
    risk 0.00cvss epss 0.03

    The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service (DoS) by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a…