CVE-2021-37028
There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands.
Source: CVE-2021-37028