CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Airangel Hsmx Gateway is a platform from Airangel UK, Inc. A hard-coded credential vulnerability exists in versions of Airangel Hsmx Gateway prior to 5.2.04, which stems from the use of PostgreSQL database credentials hard-coded in the configuration file. An attacker could steal this credential t...

10CVSS3AI score0.00314EPSS

Exploits1References1

CNVD•added 2021/11/13 12:0 a.m.•24 views

Airangel Hsmx Gateway Cross-Site Request Forgery Vulnerability

Airangel Hsmx Gateway is a platform from Airangel UK, Inc. used to manage authentication and billing in the network.A cross-site request forgery vulnerability exists in Airangel Hsmx Gateway prior to 5.2.04, which stems from a WEB application that does not adequately verify that the request is fr...

6.5CVSS1.9AI score0.00161EPSS

Exploits1References1

CNVD•added 2021/11/13 12:0 a.m.•17 views

Airangel Hsmx Gateway Remote Code Execution Vulnerability

Airangel Hsmx Gateway is a platform from Airangel UK, Inc. It is used to manage authentication and billing in the network.A remote code execution vulnerability exists in Airangel Hsmx Gateway prior to 5.2.04, which originates when a remote server controlled by an attacker downloads and runs a...

10CVSS3AI score0.08856EPSS

Exploits1References1

NVD•added 2021/11/10 5:15 p.m.•9 views

CVE-2021-40520

Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials...

9.8CVSS0.00405EPSS

Exploits1References2

OSV•added 2021/11/10 5:15 p.m.•2 views

CVE-2021-40520

Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials...

9.8CVSS5.8AI score0.00405EPSS

Exploits1References2

NVD•added 2021/11/10 5:15 p.m.•11 views

CVE-2021-40517

Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting. XSS Payload is placed in the name column of the updates table using database access...

5.4CVSS0.00206EPSS

Exploits1References2

OSV•added 2021/11/10 5:15 p.m.•2 views

CVE-2021-40517

Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting. XSS Payload is placed in the name column of the updates table using database access...

5.4CVSS6.1AI score0.00206EPSS

Exploits1References2

Prion•added 2021/11/10 5:15 p.m.•18 views

Command injection

Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials...

5CVSS9.4AI score0.00405EPSS

Exploits1References2Affected Software5

Prion•added 2021/11/10 5:15 p.m.•16 views

Cross site scripting

Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting. XSS Payload is placed in the name column of the updates table using database access...

3.5CVSS5.2AI score0.00206EPSS

Exploits1References2Affected Software5

NVD•added 2021/11/10 4:15 p.m.•8 views

CVE-2021-40521

Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution...

10CVSS0.08856EPSS

Exploits1References2

NVD•added 2021/11/10 4:15 p.m.•8 views

CVE-2021-40519

Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials...

10CVSS0.00314EPSS

Exploits1References2