Vulnerabilities (CVE)

Filtered by vendor Humaxdigital Subscribe
Filtered by product Hga12r-02
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9370 1 Humaxdigital 2 Hga12r-02, Hga12r-02 Firmware 2024-02-04 6.4 MEDIUM 9.1 CRITICAL
HUMAX HGA12R-02 BRGCAA 1.1.53 devices allow Session Hijacking.
CVE-2020-9477 1 Humaxdigital 2 Hga12r-02, Hga12r-02 Firmware 2024-02-04 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered on HUMAX HGA12R-02 BRGCAA 1.1.53 devices. A vulnerability in the authentication functionality in the web-based interface could allow an unauthenticated remote attacker to capture packets at the time of authentication and gain access to the cleartext password. An attacker could use this access to create a new user account or control the device.