CVE-2017-11435

high-risk
Published 2017-07-19

The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router is configured to expose the management console. The router is not validating the session token while returning answers for some methods in url '/api'. An attacker can use this vulnerability to retrieve sensitive information such as private/public IP addresses, SSID names, and passwords.

Do I need to act?

!
19.7% chance of exploitation in next 30 days
EPSS score — higher than 80% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
42732
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Hg100R Firmware

Affected Vendors

Humaxdigital

References (3)

Broken Link https://www.trustwave.com/Resources/Security-Advisories/Advisories/Multiple-Vuln...
Third Party Advisory https://hackertor.com/2017/07/19/na-cve-2017-11435-the-humax-wi-fi-router-model-...
Broken Link https://www.trustwave.com/Resources/Security-Advisories/Advisories/Multiple-Vuln...
51
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 14/34 · Moderate
Exposure 5/34 · Minimal