Vulnerabilities > Hongdian

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-06	CVE-2021-28149	Path Traversal vulnerability in Hongdian H8922 Firmware 3.0.5 Hongdian H8922 3.0.5 devices allow Directory Traversal. network low complexity hongdian CWE-22	4.0
2021-05-06	CVE-2021-28150	Forced Browsing vulnerability in Hongdian H8922 Firmware 3.0.5 Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi. local low complexity hongdian CWE-425	2.1
2021-05-06	CVE-2021-28151	OS Command Injection vulnerability in Hongdian H8922 Firmware 3.0.5 Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest. network low complexity hongdian CWE-78 critical	9.0
2021-05-06	CVE-2021-28152	Improper Authentication vulnerability in Hongdian H8922 Firmware 3.0.5 Hongdian H8922 3.0.5 devices have an undocumented feature that allows access to a shell as a superuser. network low complexity hongdian CWE-287 critical	9.8

Vulnerabilities > Hongdian {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Hongdian"}]}