CVE-2021-28151
45Vexday Risk Score
Patch now. It exploitation observed by VulnCheck and has a working public exploit.
ssvc Actepss 28%
from disclosure to weapon
Published on NVDMay 6
VulnCheck+962d
exploitation probability
28%top 2% of all CVEs
observed exploitation
yesVulnCheck
Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest.
Affected products
n/a · n/a