Skip to main content

H8951 4G Esp Firmware

10 CVEs product

Monthly

CVE-2023-49262 CRITICAL Act Now

The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow H8951 4G Esp Firmware
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2023-49261 HIGH This Week

The "tokenKey" value used in user authorization is visible in the HTML source of the login page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure H8951 4G Esp Firmware
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2023-49260 MEDIUM This Month

An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminal_tool.cgi" path. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS H8951 4G Esp Firmware
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2023-49259 HIGH This Week

The authentication cookies are generated using an algorithm based on the username, hardcoded secret and the up-time, and can be guessed in a reasonable time. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure H8951 4G Esp Firmware
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2023-49258 MEDIUM This Month

User browser may be forced to execute JavaScript and pass the authentication cookie to the attacker leveraging the XSS vulnerability located at "/gui/terminal_tool.cgi" in the "data" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS H8951 4G Esp Firmware
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2023-49257 HIGH This Week

An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate upload utility and execute it with the root user privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure H8951 4G Esp Firmware
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2023-49256 HIGH This Week

It is possible to download the configuration backup without authorization and decrypt included passwords using hardcoded static key. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure H8951 4G Esp Firmware
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2023-49255 CRITICAL Act Now

The router console is accessible without authentication at "data" field, and while a user needs to be logged in in order to modify the configuration, the session state is shared. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass H8951 4G Esp Firmware
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-49254 HIGH This Week

Authenticated user can execute arbitrary commands in the context of the root user by providing payload in the "destination" field of the network test tools. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection H8951 4G Esp Firmware
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2023-49253 CRITICAL Act Now

Root user password is hardcoded into the device and cannot be changed in the user interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass H8951 4G Esp Firmware
NVD
CVSS 3.1
9.8
EPSS
0.1%
EPSS 0% CVSS 9.8
CRITICAL Act Now

The authentication mechanism can be bypassed by overflowing the value of the Cookie "authentication" field, provided there is an active user session. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow H8951 4G Esp Firmware
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The "tokenKey" value used in user authorization is visible in the HTML source of the login page. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure H8951 4G Esp Firmware
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

An XSS attack can be performed by changing the MOTD banner and pointing the victim to the "terminal_tool.cgi" path. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS H8951 4G Esp Firmware
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The authentication cookies are generated using an algorithm based on the username, hardcoded secret and the up-time, and can be guessed in a reasonable time. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure H8951 4G Esp Firmware
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

User browser may be forced to execute JavaScript and pass the authentication cookie to the attacker leveraging the XSS vulnerability located at "/gui/terminal_tool.cgi" in the "data" parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS H8951 4G Esp Firmware
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate upload utility and execute it with the root user privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure H8951 4G Esp Firmware
NVD
EPSS 0% CVSS 7.5
HIGH This Week

It is possible to download the configuration backup without authorization and decrypt included passwords using hardcoded static key. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure H8951 4G Esp Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The router console is accessible without authentication at "data" field, and while a user needs to be logged in in order to modify the configuration, the session state is shared. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass H8951 4G Esp Firmware
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Authenticated user can execute arbitrary commands in the context of the root user by providing payload in the "destination" field of the network test tools. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection H8951 4G Esp Firmware
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Root user password is hardcoded into the device and cannot be changed in the user interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass H8951 4G Esp Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy