hongdian

Top products

The 14 most recently published vulnerabilities affecting hongdian.

• CVE-2023-49262Buffer overflow vulnerability in Cookie authentication field9.8Jan 12, 2024
• CVE-2023-49261Sensitive authentication-related value accessible publicly7.5Jan 12, 2024
• CVE-2023-49260Stored cross-site scripting vulnerability6.1Jan 12, 2024
• CVE-2023-49259Bruteforcing authentication cookie for a given user7.5Jan 12, 2024
• CVE-2023-49258Reflected cross-site scripting vulnerability6.1Jan 12, 2024
• CVE-2023-49257Command execution using the certificate upload utility8.8Jan 12, 2024
• CVE-2023-49256Predictable encryption passphrase used in publicly accessible configuration file7.5Jan 12, 2024
• CVE-2023-49255Router console accessible without authentication9.8Jan 12, 2024
• CVE-2023-49254Command injection in the network test tools8.8Jan 12, 2024
• CVE-2023-49253Predefined root password9.8Jan 12, 2024
• CVE-2021-28149Hongdian H8922 3.0.5 devices allow Directory Traversal. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any fi...6.5May 6, 2021
• CVE-2021-28150Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi.5.5May 6, 2021
• CVE-2021-28152Hongdian H8922 3.0.5 devices have an undocumented feature that allows access to a shell as a superuser. To connect, the telnet service is used on port 5188 with the default credentials of root:supe...9.8May 6, 2021
• CVE-2021-28151Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username gue...8.8May 6, 2021