Enhancement: cves/2021/CVE-2021-28150.yaml by md
parent
e48aac4d61
commit
98be3e1d2e
|
@ -1,14 +1,14 @@
|
||||||
id: CVE-2021-28150
|
id: CVE-2021-28150
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Hongdian Sensitive Information
|
name: Hongdian H8922 3.0.5- Sensitive Information
|
||||||
author: gy741
|
author: gy741
|
||||||
severity: medium
|
severity: medium
|
||||||
description: Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi.
|
description: Hongdian H8922 3.0.5 devices are susceptible to information disclosure. An attacker can read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
|
||||||
reference:
|
reference:
|
||||||
- https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/
|
- https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/
|
||||||
- https://nvd.nist.gov/vuln/detail/CVE-2021-28150
|
|
||||||
- http://en.hongdian.com/Products/Details/H8922
|
- http://en.hongdian.com/Products/Details/H8922
|
||||||
|
- https://nvd.nist.gov/vuln/detail/CVE-2021-28150
|
||||||
classification:
|
classification:
|
||||||
cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
||||||
cvss-score: 5.5
|
cvss-score: 5.5
|
||||||
|
@ -43,4 +43,6 @@ requests:
|
||||||
words:
|
words:
|
||||||
- "CLI configuration saved from vty"
|
- "CLI configuration saved from vty"
|
||||||
- "service webadmin"
|
- "service webadmin"
|
||||||
part: body
|
part: body
|
||||||
|
|
||||||
|
# Enhanced by md on 2023/02/01
|
||||||
|
|
Loading…
Reference in New Issue