Vulnerability Details CVE-2021-33822
An issue was discovered on 4GEE ROUTER HH70VB Version HH70_E1_02.00_22. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33822.md
- https://github.com/shekyan/slowhttptest
- https://www.sing4g.com/product-page/4gee-router-hh70vb-4g-300mbps-2lan-32wifi
- https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33822.md
- https://github.com/shekyan/slowhttptest
- https://www.sing4g.com/product-page/4gee-router-hh70vb-4g-300mbps-2lan-32wifi
Products affected by CVE-2021-33822
-
cpe:2.3:h:sing4g:4gee_router_hh70vb:-
-
cpe:2.3:o:sing4g:4gee_router_hh70vb_firmware:hh70_e1_02.00_22