Enhancement: cves/2021/CVE-2021-28150.yaml by md

2023-02-01 12:28:44 -05:00 · 2023-02-01 12:28:44 -05:00 · 98be3e1d2e
parent e48aac4d61
commit 98be3e1d2e
1 changed files with 6 additions and 4 deletions
--- a/cves/2021/CVE-2021-28150.yaml
+++ b/cves/2021/CVE-2021-28150.yaml
@ -1,14 +1,14 @@
 id: CVE-2021-28150

 info:
-  name: Hongdian Sensitive Information
+  name: Hongdian H8922 3.0.5- Sensitive Information
  author: gy741
  severity: medium
-  description: Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi.
+  description: Hongdian H8922 3.0.5 devices are susceptible to information disclosure. An attacker can read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  reference:
    - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-28150
    - http://en.hongdian.com/Products/Details/H8922
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-28150
  classification:
    cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 5.5
@ -43,4 +43,6 @@ requests:
        words:
          - "CLI configuration saved from vty"
          - "service webadmin"
-        part: body
+        part: body
+
+# Enhanced by md on 2023/02/01