HSMX Gateway
by Airangel
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-40519 | Cri | 0.65 | 10.0 | 0.01 | Nov 10, 2021 | Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials. | ||
| CVE-2021-40520 | Cri | 0.64 | 9.8 | 0.01 | Nov 10, 2021 | Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials. | ||
| CVE-2021-40521 | Cri | 0.64 | 9.8 | 0.04 | Nov 10, 2021 | Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution. | ||
| CVE-2021-40518 | Med | 0.42 | 6.5 | 0.00 | Nov 10, 2021 | Airangel HSMX Gateway devices through 5.2.04 allow CSRF. | ||
| CVE-2021-40517 | Med | 0.35 | 5.4 | 0.01 | Nov 10, 2021 | Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting. XSS Payload is placed in the name column of the updates table using database access. |
- risk 0.65cvss 10.0epss 0.01
Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials.
- risk 0.64cvss 9.8epss 0.01
Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials.
- risk 0.64cvss 9.8epss 0.04
Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution.
- risk 0.42cvss 6.5epss 0.00
Airangel HSMX Gateway devices through 5.2.04 allow CSRF.
- risk 0.35cvss 5.4epss 0.01
Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting. XSS Payload is placed in the name column of the updates table using database access.