What is CVE-2021-28151?

CVE-2021-28151 is a vulnerability in N/a. Published 2021-05-06.

Is CVE-2021-28151 known to be exploited?

12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2021-28151

Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest.

EPSS: 0.927 (99.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

0day404/vulnerability-poc
20142995/nuclei-templates
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
ArrestX/--POC
KayCHENvip/vulnerability-poc
Miraitowa70/POC-Notes
SexyBeast233/SecBooks
Threekiii/Awesome-POC
XiaomingX/awesome-poc-for-red-team

References

en.hongdian.com/Products/Details/H8922 (x_refsource_MISC)
ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/ (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-28151?: CVE-2021-28151 is a vulnerability in N/a. Published 2021-05-06.
Is CVE-2021-28151 known to be exploited?: 12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.