Hongdian H8922 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Hongdian H8922 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-28152 — CVSS 9.8 (critical): Hongdian H8922 3.0.5 devices have an undocumented feature that allows access to a shell as a superuser. To connect, the telnet service is…
CVE-2021-28151 — CVSS 8.8 (high): Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the…
CVE-2021-28149 — CVSS 6.5 (medium): Hongdian H8922 3.0.5 devices allow Directory Traversal. The /log_download.cgi log export handler does not validate user input and allows a…
CVE-2021-28150 — CVSS 5.5 (medium): Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data)…