ID

VAR-201707-0540


CVE

CVE-2017-11435


TITLE

Authentication bypass vulnerability in Humax Wi-Fi Router model HG100R

Trust: 0.8

sources: JVNDB: JVNDB-2017-005960

DESCRIPTION

The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router is configured to expose the management console. The router does not validate the session token when returning answers for some methods in the URL '/api'. An attacker can use this vulnerability to retrieve sensitive information such as private/public IP addresses, SSID names, and passwords. The Humax Wi-Fi Router HG100R is a router device from Humax Digital, Korea. An authentication bypass vulnerability exists in the Humax Wi-Fi Router HG100R version 2.0.6.

Trust: 2.25

sources: NVD: CVE-2017-11435 // JVNDB: JVNDB-2017-005960 // CNVD: CNVD-2017-21709 // VULHUB: VHN-101857

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

category: ['network device'], sub_category: Wi-Fi router

Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2017-21709

AFFECTED PRODUCTS

vendor: humax, model: hg100r, scope: eq, version: 2.0.6

Trust: 1.4

vendor: humaxdigital, model: hg100r, scope: eq, version: 2.0.6

Trust: 1.0

vendor: humax, model: digital wi-fi router hg100r, scope: eq, version: 2.0.6

Trust: 0.6

sources: CNVD: CNVD-2017-21709 // JVNDB: JVNDB-2017-005960 // CNNVD: CNNVD-201707-914 // NVD: CVE-2017-11435

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-11435
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-11435
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2017-21709
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201707-914
value: CRITICAL

Trust: 0.6

VULHUB: VHN-101857
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-11435
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-21709
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-101857
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-11435
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2017-11435
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2017-21709 // VULHUB: VHN-101857 // JVNDB: JVNDB-2017-005960 // CNNVD: CNNVD-201707-914 // NVD: CVE-2017-11435

PROBLEMTYPE DATA

problemtype: CWE-200

Trust: 1.9

sources: VULHUB: VHN-101857 // JVNDB: JVNDB-2017-005960 // NVD: CVE-2017-11435

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201707-914

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201707-914

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-005960

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-101857

PATCH

title: Top Page, url: https://jp.humaxdigital.com/

Trust: 0.8

sources: JVNDB: JVNDB-2017-005960

EXTERNAL IDS

db: NVD, id: CVE-2017-11435

Trust: 3.2

db: JVNDB, id: JVNDB-2017-005960

Trust: 0.8

db: CNNVD, id: CNNVD-201707-914

Trust: 0.7

db: CNVD, id: CNVD-2017-21709

Trust: 0.6

db: OTHER, id: NONE

Trust: 0.1

db: EXPLOIT-DB, id: 42732

Trust: 0.1

db: VULHUB, id: VHN-101857

Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2017-21709 // VULHUB: VHN-101857 // JVNDB: JVNDB-2017-005960 // CNNVD: CNNVD-201707-914 // NVD: CVE-2017-11435

REFERENCES

url: https://hackertor.com/2017/07/19/na-cve-2017-11435-the-humax-wi-fi-router-model-hg100r-2-0-6-is/

Trust: 3.0

url: https://www.trustwave.com/resources/security-advisories/advisories/multiple-vulnerabilities-in-humax-routers/?fid=9700

Trust: 1.7

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11435

Trust: 0.8

url: https://nvd.nist.gov/vuln/detail/cve-2017-11435

Trust: 0.8

url: https://ieeexplore.ieee.org/abstract/document/10769424

Trust: 0.1

sources: OTHER: None // CNVD: CNVD-2017-21709 // VULHUB: VHN-101857 // JVNDB: JVNDB-2017-005960 // CNNVD: CNNVD-201707-914 // NVD: CVE-2017-11435

SOURCES

db: OTHER, id: -
db: CNVD, id: CNVD-2017-21709
db: VULHUB, id: VHN-101857
db: JVNDB, id: JVNDB-2017-005960
db: CNNVD, id: CNNVD-201707-914
db: NVD, id: CVE-2017-11435

LAST UPDATE DATE

2025-04-20T21:28:13.225000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2017-21709, date: 2017-08-18T00:00:00
db: VULHUB, id: VHN-101857, date: 2017-07-25T00:00:00
db: JVNDB, id: JVNDB-2017-005960, date: 2017-08-10T00:00:00
db: CNNVD, id: CNNVD-201707-914, date: 2021-06-28T00:00:00
db: NVD, id: CVE-2017-11435, date: 2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2017-21709, date: 2017-08-18T00:00:00
db: VULHUB, id: VHN-101857, date: 2017-07-19T00:00:00
db: JVNDB, id: JVNDB-2017-005960, date: 2017-08-10T00:00:00
db: CNNVD, id: CNNVD-201707-914, date: 2017-07-20T00:00:00
db: NVD, id: CVE-2017-11435, date: 2017-07-19T07:29:00.220