MidnightBSD

Advisories for hbgk

CVE-2017-14335 MEDIUM

On Beijing Hanbang Hanbanggaoke devices, because user-controlled input is not sufficiently sanitized, sending a PUT request to /ISAPI/Security/users/1 allows an admin password change.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
hbgk hb7216x_firmware -
hbgk hb9608x3_firmware -
hbgk hb7032xt_firmware -
hbgk hb8616x3_firmware -
hbgk hb9904_firmware -
hbgk hb7908x_firmware -
hbgk hb9808n04_firmware -
hbgk hb8008r_firmware -
hbgk 7216xr_firmware -
hbgk hb7004k_firmware -
hbgk hb8208hr_firmware -
hbgk hb9832n16_firmware -
hbgk hb7004kh_firmware -
hbgk hb7916sx_firmware -
hbgk hb7216xt_firmware -
hbgk hb7008t2_firmware -
hbgk hb7108x3_firmware -
hbgk hb9916_firmware -
hbgk 7204xr_firmware -
hbgk hb8004r_firmware -
hbgk hb8208h_firmware -
hbgk hb7904_firmware -
hbgk hb9912_firmware -
hbgk hb9824n16_firmware -
hbgk hb9404x3_firmware -
hbgk hb7204x_firmware -
hbgk hb7008kc_firmware -
hbgk hb7008kh_firmware -
hbgk hb9932_firmware -
hbgk hb9220x3_firmware -
hbgk hb8216h_firmware -
hbgk hb8816x3_firmware -
hbgk hb7016t2_firmware -
hbgk hb9020x3_firmware -
hbgk hb7116x3_firmware -
hbgk hb8208x3_firmware -
hbgk hb9908_firmware -
hbgk hb7008kce_firmware -
hbgk hb8204h_firmware -
hbgk hb7024xt_firmware -
hbgk hb7008khe_firmware -
hbgk hb8016_firmware -
hbgk hb8216x3_firmware -
hbgk hb8008_firmware -
hbgk hb8204hr_firmware -
hbgk hb9816n08_firmware -
hbgk hb8808x3_firmware -
hbgk hb7204kk_firmware -
hbgk hb8608x3_firmware -
hbgk hb7016lh_firmware -
hbgk hb8016r_firmware -
hbgk hb9212x3_firmware -
hbgk hb7204kl_firmware -
hbgk hb8216hr_firmware -
hbgk hb7908_firmware -
hbgk hb9924_firmware -
hbgk hb7204xt_firmware -
hbgk hb9012x3_firmware -
hbgk 7208xr_firmware -
hbgk hb7208x_firmware -
hbgk hb7208xt_firmware -
hbgk hb8004_firmware -
hbgk hb9408x3_firmware -
hbgk hb7208x3_firmware -
hbgk hb7904x_firmware -
hbgk hb7216x3_firmware -
hbgk hb7016lc_firmware -
hbgk hb9604x3_firmware -
hbgk hb7916s_firmware -