Chbg
Products
2- 6 CVEs
- 1 CVE
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-1264 | 0.04 | — | 0.09 | Jan 10, 2005 | Buffer overflow in the simplify_path function in config.c for ChBg 1.5 allows remote attackers to execute arbitrary code via a crafted chbg scenario file. | |||
| CVE-2022-30623 | 0.00 | — | 0.00 | Jul 18, 2022 | The server checks the user's cookie in a non-standard way, and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system using a username and password. | |||
| CVE-2022-30625 | 0.00 | — | 0.00 | Jul 18, 2022 | Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. A directory listing provides an attacker with the complete index of all the resources located inside of the directory. The specific risks… | |||
| CVE-2022-30626 | 0.00 | — | 0.00 | Jul 18, 2022 | Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access point on the component, and a password in clear text. | |||
| CVE-2022-30624 | 0.00 | — | 0.00 | Jul 18, 2022 | Browsing the admin.html page allows the user to reset the admin password. Also appears in the JS code for the password. | |||
| CVE-2022-30627 | 0.00 | — | 0.00 | Jul 18, 2022 | This vulnerability affects all of the company's products that also include the FW versions: update_i90_cv2.021_b20210104, update_i50_v1.0.55_b20200509, update_x6_v2.1.2_b202001127, update_b5_v2.0.9_b20200706. This vulnerability makes it possible to extract from the FW the… | |||
| CVE-2022-30622 | 0.00 | — | 0.00 | Jul 17, 2022 | Disclosure of information - the system allows you to view usernames and passwords without permissions, thus it will be possible to enter the system. Path access: http://api/sys_username_passwd.cmd - The server loads the request clearly by default. Disclosure of hard-coded credit… |
- CVE-2004-1264Jan 10, 2005risk 0.04cvss —epss 0.09
Buffer overflow in the simplify_path function in config.c for ChBg 1.5 allows remote attackers to execute arbitrary code via a crafted chbg scenario file.
- CVE-2022-30623Jul 18, 2022risk 0.00cvss —epss 0.00
The server checks the user's cookie in a non-standard way, and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system using a username and password.
- CVE-2022-30625Jul 18, 2022risk 0.00cvss —epss 0.00
Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. A directory listing provides an attacker with the complete index of all the resources located inside of the directory. The specific risks…
- CVE-2022-30626Jul 18, 2022risk 0.00cvss —epss 0.00
Browsing the path: http://ip/wifi_ap_pata_get.cmd, will show in the name of the existing access point on the component, and a password in clear text.
- CVE-2022-30624Jul 18, 2022risk 0.00cvss —epss 0.00
Browsing the admin.html page allows the user to reset the admin password. Also appears in the JS code for the password.
- CVE-2022-30627Jul 18, 2022risk 0.00cvss —epss 0.00
This vulnerability affects all of the company's products that also include the FW versions: update_i90_cv2.021_b20210104, update_i50_v1.0.55_b20200509, update_x6_v2.1.2_b202001127, update_b5_v2.0.9_b20200706. This vulnerability makes it possible to extract from the FW the…
- CVE-2022-30622Jul 17, 2022risk 0.00cvss —epss 0.00
Disclosure of information - the system allows you to view usernames and passwords without permissions, thus it will be possible to enter the system. Path access: http://api/sys_username_passwd.cmd - The server loads the request clearly by default. Disclosure of hard-coded credit…