CVE-2020-9477

An issue was discovered on HUMAX HGA12R-02 BRGCAA 1.1.53 devices. A vulnerability in the authentication functionality in the web-based interface could allow an unauthenticated remote attacker to capture packets at the time of authentication and gain access to the cleartext password. An attacker could use this access to create a new user account or control the device.

CVSS v3 9.8 CRITICAL
CVSS v2.0 5.0 MEDIUM

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://medium.com/%40rsantos_14778/info-disclosure-cve-2020-9477-29d0ca48d4fa
https://uk.humaxdigital.com/network/hga12r-02/	Product Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:humaxdigital:hga12r-02_firmware:brgcaa1.1.53:*:*:*:*:*:*:*

cpe:2.3:h:humaxdigital:hga12r-02:-:*:*:*:*:*:*:*

History

07 Nov 2023, 03:26

Type	Values Removed	Values Added
CWE	~~CWE-287~~	CWE-319
References	{'url': 'https://medium.com/@rsantos_14778/info-disclosure-cve-2020-9477-29d0ca48d4fa', 'name': 'https://medium.com/@rsantos_14778/info-disclosure-cve-2020-9477-29d0ca48d4fa', 'tags': ['Exploit', 'Third Party Advisory'], 'refsource': 'MISC'}	() https://medium.com/%40rsantos_14778/info-disclosure-cve-2020-9477-29d0ca48d4fa -

Information

Published : 2020-03-04 19:15

Updated : 2023-12-10 13:13

NVD link : CVE-2020-9477

Mitre link : CVE-2020-9477

CVE.ORG link : CVE-2020-9477

JSON object : View

Products Affected

humaxdigital

hga12r-02_firmware
hga12r-02

CWE

CWE-319

Cleartext Transmission of Sensitive Information

{"id": "CVE-2020-9477", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2020-03-04T19:15:14.073", "references": [{"url": "https://medium.com/%40rsantos_14778/info-disclosure-cve-2020-9477-29d0ca48d4fa", "source": "cve@mitre.org"}, {"url": "https://uk.humaxdigital.com/network/hga12r-02/", "tags": ["Product", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-319"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on HUMAX HGA12R-02 BRGCAA 1.1.53 devices. A vulnerability in the authentication functionality in the web-based interface could allow an unauthenticated remote attacker to capture packets at the time of authentication and gain access to the cleartext password. An attacker could use this access to create a new user account or control the device."}, {"lang": "es", "value": "Se detect\u00f3 un problema en los dispositivos HUMAX HGA12R-02 BRGCAA versi\u00f3n 1.1.53. Una vulnerabilidad en la funcionalidad de autenticaci\u00f3n en la interfaz basada en web podr\u00eda permitir a un atacante remoto no autenticado capturar paquetes al momento de la autenticaci\u00f3n y conseguir acceso a la contrase\u00f1a en texto sin cifrar. Un atacante podr\u00eda usar este acceso para crear una nueva cuenta de usuario o controlar el dispositivo."}], "lastModified": "2023-11-07T03:26:54.540", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:humaxdigital:hga12r-02_firmware:brgcaa1.1.53:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80199A20-F1AD-4A0E-90EC-A418877F981F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:humaxdigital:hga12r-02:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "766FA815-C4FA-41ED-A8AC-CC725FAEA798"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}