Posted by Gergely Eberhardt on Jul 25

Hitron CGNV4 modem/router multiple vulnerabilities
————————————————–

Platforms / Firmware confirmed affected:
– Hitron CGNV4, 4.3.9.9-SIP-UPC
– Product page: http://www.hitrontech.com/en/cable_detail.php?id=62

Vulnerabilities
—————
Insecure session management
The web interface uses insecure cookies, which can be brute-forced
easily (e.g cookie: userid=0). If admin login is successful, the IP
address of…