Hg100r Firmware

hg100r_firmware

Vendor: Humaxdigital • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-11435 1Humaxdigital 1Hg100r Firmware May 13, 2026 Jul 19, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router is configured to ex...Show more The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router is configured to expose the management console. The router is not validating the session token while returning answers for some methods in url '/api'. An attacker can use this vulnerability to retrieve sensitive information such as private/public IP addresses, SSID names, and passwords.Show less
CVE-2017-7317 1Humaxdigital 1Hg100r Firmware May 13, 2026 Jul 4, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin.
CVE-2017-7316 1Humaxdigital 1Hg100r Firmware May 13, 2026 Jul 4, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered on Humax Digital HG100R 2.0.6 devices. There is XSS on the 404 page.
CVE-2017-7315 1Humaxdigital 1Hg100r Firmware May 13, 2026 Jul 4, 2017 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings....Show more An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin.Show less