CVE-2021-33822

HIGH

Sing4g 4gee Router Hh70vb Firmware - Denial of Service

Title source: rule

Description

An issue was discovered on 4GEE ROUTER HH70VB Version HH70_E1_02.00_22. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.

Exploits (1)

github WRITEUP 10 stars

by Jian-Xian · poc

https://github.com/Jian-Xian/CVE-POC/tree/master/CVE-2021-33822.md

View Code ZIP pw:eip

References (3)

[Third Party Advisory] https://github.com/shekyan/slowhttptest

View Writeup ZIP pw:eip

[Product, Vendor Advisory] https://www.sing4g.com/product-page/4gee-router-hh70vb-4g-300mbps-2lan-32wifi

[Exploit, Third Party Advisory] https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33822.md

View Exploit ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0056

EPSS Percentile 68.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-400

Status published

Products (1)

sing4g/4gee_router_hh70vb_firmware hh70_e1_02.00_22

Published Jun 18, 2021

Tracked Since Feb 18, 2026