VAR-201707-1080
Vulnerability from variot - Updated: 2025-04-20 23:27An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin. Humax Digital HG100R Contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The HumaxDigitalHG100R is a router from Humax Digital, Korea. A security vulnerability exists in the HumaxDigitalHG100R version 2.0.6. Humax Digital HG100R multiple vulnerabilities Device: Humax HG100R Software Version: VER 2.0.6
- Backup file download (CVE-2017-7315) An issue was discovered on Humax Digital HG100R 2.0.6 devices, a modem commonly used by ISPs to provide ADSL internet service to household and small business users.
PoC wget http://192.168.0.1/view/basic/GatewaySettings.bin strings GatewaySettings.bin | grep -A 1 admin
- XSS Reflected(CVE-2017-7316) An issue was discovered on Humax Digital HG100R 2.0.6 devices. DESCREVE BREVEMENTE O QUE A XSS REFLECTED E FALA O QUE PODE FAZER COM O USUARIO USANDO ISSO. There is XSS reflected on the 404 page.
PoC http://192.168.0.1alert('XSS')
- Default credentials to router's web application not declared in the manual(CVE-2017-7317) NAO ENTENDI ESSA FRASE.
PoC wget http://192.168.0.1/view/basic/GatewaySettings.bin strings GatewaySettings.bin | grep -A 1 root
Timeline 2017-03-15 - First contact. Ignored by the vendor. 2017-03-21 - Second contact. 2017-03-22 - The vendor answered asking about the vulnerability. 2017-03-27 - Asked the vendor about his security team contact informarion to report the vulnerability. 2017-03-28 - The vendor answered saying that it is an old product, and they will check this vulnerabilities in the news products. 2017-03-28 - Ask the vendor about a patch. 2017-03-30 - Ask the vendor again about the patch. 2017-04-03 - Notified the vendor about the disclousure after 90 days, even without a patch. 2017-04-19 - Ask the vendor about a patch. 2017-05-08 - Ask the vendor about a patch. 2017-06-29 - Disclosure
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1080",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hg100r",
"scope": "eq",
"trust": 1.6,
"vendor": "humaxdigital",
"version": "2.0.6"
},
{
"model": "hg100r",
"scope": "eq",
"trust": 1.4,
"vendor": "humax",
"version": "2.0.6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-21541"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005294"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1297"
},
{
"db": "NVD",
"id": "CVE-2017-7315"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:humaxdigital:hg100r_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005294"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Gambler",
"sources": [
{
"db": "PACKETSTORM",
"id": "143227"
}
],
"trust": 0.1
},
"cve": "CVE-2017-7315",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-7315",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-21541",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-115518",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-7315",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7315",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-7315",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-21541",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-1297",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-115518",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-21541"
},
{
"db": "VULHUB",
"id": "VHN-115518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005294"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1297"
},
{
"db": "NVD",
"id": "CVE-2017-7315"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it\u0027s not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin. Humax Digital HG100R Contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The HumaxDigitalHG100R is a router from Humax Digital, Korea. A security vulnerability exists in the HumaxDigitalHG100R version 2.0.6. Humax Digital HG100R multiple vulnerabilities\nDevice: Humax HG100R\nSoftware Version: VER 2.0.6\n\n- Backup file download (CVE-2017-7315)\nAn issue was discovered on Humax Digital HG100R 2.0.6 devices, a modem commonly used by ISPs to provide ADSL internet service to household and small business users. \n\nPoC\nwget http://192.168.0.1/view/basic/GatewaySettings.bin\nstrings GatewaySettings.bin | grep -A 1 admin\n--------------------------------------------------------------------------------\n\n- XSS Reflected(CVE-2017-7316)\nAn issue was discovered on Humax Digital HG100R 2.0.6 devices. DESCREVE BREVEMENTE O QUE A XSS REFLECTED E FALA O QUE PODE FAZER COM O USUARIO USANDO ISSO. \nThere is XSS reflected on the 404 page. \n\nPoC\nhttp://192.168.0.1\u003cscript\u003ealert(\u0027XSS\u0027)\u003c/script\u003e\n--------------------------------------------------------------------------------\n\n- Default credentials to router\u0027s web application not declared in the manual(CVE-2017-7317) NAO ENTENDI ESSA FRASE. \n\nPoC\nwget http://192.168.0.1/view/basic/GatewaySettings.bin\nstrings GatewaySettings.bin | grep -A 1 root\n\n\nTimeline\n2017-03-15 - First contact. Ignored by the vendor. \n2017-03-21 - Second contact. \n2017-03-22 - The vendor answered asking about the vulnerability. \n2017-03-27 - Asked the vendor about his security team contact informarion to report the vulnerability. \n2017-03-28 - The vendor answered saying that it is an old product, and they will check this vulnerabilities in the news products. \n2017-03-28 - Ask the vendor about a patch. \n2017-03-30 - Ask the vendor again about the patch. \n2017-04-03 - Notified the vendor about the disclousure after 90 days, even without a patch. \n2017-04-19 - Ask the vendor about a patch. \n2017-05-08 - Ask the vendor about a patch. \n2017-06-29 - Disclosure",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7315"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005294"
},
{
"db": "CNVD",
"id": "CNVD-2017-21541"
},
{
"db": "VULHUB",
"id": "VHN-115518"
},
{
"db": "PACKETSTORM",
"id": "143227"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7315",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005294",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1297",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-21541",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "143227",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-115518",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-21541"
},
{
"db": "VULHUB",
"id": "VHN-115518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005294"
},
{
"db": "PACKETSTORM",
"id": "143227"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1297"
},
{
"db": "NVD",
"id": "CVE-2017-7315"
}
]
},
"id": "VAR-201707-1080",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-21541"
},
{
"db": "VULHUB",
"id": "VHN-115518"
}
],
"trust": 1.2999999999999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-21541"
}
]
},
"last_update_date": "2025-04-20T23:27:22.141000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://jp.humaxdigital.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005294"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.1
},
{
"problemtype": "CWE-522",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-115518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005294"
},
{
"db": "NVD",
"id": "CVE-2017-7315"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://seclists.org/fulldisclosure/2017/jun/45"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7315"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7315"
},
{
"trust": 0.1,
"url": "http://192.168.0.1/view/basic/gatewaysettings.bin"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7316"
},
{
"trust": 0.1,
"url": "http://192.168.0.1\u003cscript\u003ealert(\u0027xss\u0027)\u003c/script\u003e"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-21541"
},
{
"db": "VULHUB",
"id": "VHN-115518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005294"
},
{
"db": "PACKETSTORM",
"id": "143227"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1297"
},
{
"db": "NVD",
"id": "CVE-2017-7315"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-21541"
},
{
"db": "VULHUB",
"id": "VHN-115518"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005294"
},
{
"db": "PACKETSTORM",
"id": "143227"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1297"
},
{
"db": "NVD",
"id": "CVE-2017-7315"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-21541"
},
{
"date": "2017-07-04T00:00:00",
"db": "VULHUB",
"id": "VHN-115518"
},
{
"date": "2017-07-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005294"
},
{
"date": "2017-07-03T12:12:12",
"db": "PACKETSTORM",
"id": "143227"
},
{
"date": "2017-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1297"
},
{
"date": "2017-07-04T02:29:00.177000",
"db": "NVD",
"id": "CVE-2017-7315"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-21541"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-115518"
},
{
"date": "2017-07-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005294"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1297"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-7315"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1297"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Humax Digital HG100R Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005294"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1297"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…