Hn7000s Firmware

hn7000s_firmware

Vendor: Hughes • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-22971 1Hughes 5Hn7000s Firmware Hn9460 FirmwareHx200 Firmware+2 more Mar 28, 2025 Jan 26, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross Site Scripting (XSS) vulnerability in Hughes Network Systems Router Terminal for HX200 v8.3.1.14, HX90 v6.11.0.5, HX50L v6.10.0.18, HN9460 v8.2.0.48, and HN7000S v6.9.0.37, allows unauthenticated attackers to misus...Show more Cross Site Scripting (XSS) vulnerability in Hughes Network Systems Router Terminal for HX200 v8.3.1.14, HX90 v6.11.0.5, HX50L v6.10.0.18, HN9460 v8.2.0.48, and HN7000S v6.9.0.37, allows unauthenticated attackers to misuse frames, include JS/HTML code and steal sensitive information from legitimate users of the application.Show less
CVE-2016-9497 1Hughes 4Dw7000 Firmware Hn7000s FirmwareHn7000sm Firmware+1 more Nov 21, 2024 Jul 13, 2018 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does...Show more Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem.Show less
CVE-2016-9496 1Hughes 4Dw7000 Firmware Hn7000s FirmwareHn7000sm Firmware+1 more Nov 21, 2024 Jul 13, 2018 N/A· v4 6.5 MEDIUM· v3 6.1 MEDIUM· v2 Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication. An unauthenticated user may send an HTTP GET request to http://[ip]/com/gatewayreset or http://[ip]/cgi/reboot.b...Show more Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication. An unauthenticated user may send an HTTP GET request to http://[ip]/com/gatewayreset or http://[ip]/cgi/reboot.bin to cause the modem to reboot.Show less
CVE-2016-9495 1Hughes 4Dw7000 Firmware Hn7000s FirmwareHn7000sm Firmware+1 more Nov 21, 2024 Jul 13, 2018 N/A· v4 8.8 HIGH· v3 5.8 MEDIUM· v2 Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default creden...Show more Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device's default telnet port (23) can be obtained through using one of a few default credentials shared among all devices.Show less
CVE-2016-9494 1Hughes 4Dw7000 Firmware Hn7000s FirmwareHn7000sm Firmware+1 more Nov 21, 2024 Jul 13, 2018 N/A· v4 6.5 MEDIUM· v3 3.3 LOW· v2 Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status...Show more Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service.Show less