Lucene search

Hsmx-app-1000 Firmware Security Vulnerabilities

cve

CVE-2021-40517

Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting. XSS Payload is placed in the name column of the updates table using database access.

5.4CVSS

5.2AI Score

0.001EPSS

2021-11-10 05:15 PM

cve

CVE-2021-40518

Airangel HSMX Gateway devices through 5.2.04 allow CSRF.

6.5CVSS

6.5AI Score

0.001EPSS

2021-11-10 04:15 PM

cve

CVE-2021-40519

Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials.

10CVSS

9.5AI Score

0.003EPSS

2021-11-10 04:15 PM

cve

CVE-2021-40520

Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials.

9.8CVSS

9.5AI Score

0.003EPSS

2021-11-10 05:15 PM

cve

CVE-2021-40521

Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution.

9.8CVSS

9.7AI Score

0.013EPSS

2021-11-10 04:15 PM