CVE-2021-33822

HIGH

4GEE ROUTER HH70VB Firmware HH70_E1_02.00_22 - Denial of Service via Incomplete HTTP Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-33822. PoCs published by Jian-Xian.

AI-analyzed exploit summary This repository provides a detailed technical writeup on CVE-2021-33822, a Slow HTTP DoS vulnerability affecting 4GEE ROUTER HH70VB. It includes a description of the attack mechanism, demonstration screenshots, and references to tools like slowhttptest.

Description

An issue was discovered on 4GEE ROUTER HH70VB Version HH70_E1_02.00_22. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.

Exploits (1)

github WRITEUP 10 stars
by Jian-Xian · poc
https://github.com/Jian-Xian/CVE-POC/tree/master/CVE-2021-33822.md

This repository provides a detailed technical writeup on CVE-2021-33822, a Slow HTTP DoS vulnerability affecting 4GEE ROUTER HH70VB. It includes a description of the attack mechanism, demonstration screenshots, and references to tools like slowhttptest.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: 4GEE ROUTER HH70VB Version HH70_E1_02.00_22
No auth needed
Prerequisites: slowhttptest tool · network access to the target router
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 7.5
EPSS 0.0193
EPSS Percentile 77.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-400
Status published
Products (1)
sing4g/4gee_router_hh70vb_firmware hh70_e1_02.00_22
Published Jun 18, 2021
Tracked Since Feb 18, 2026