Airangel Hsmx-App-1000 Firmware vulnerabilities
5 known vulnerabilities affecting airangel/hsmx-app-1000_firmware.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-40521P2CRITICALCVSS 9.8≤ 5.2.042021-11-10
CVE-2021-40521 [CRITICAL] CVE-2021-40521: Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution.
Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution.
nvd
CVE-2021-40519P2CRITICALCVSS 10.0≤ 5.2.042021-11-10
CVE-2021-40519 [CRITICAL] CWE-798 CVE-2021-40519: Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials.
Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials.
nvd
CVE-2021-40520P3CRITICALCVSS 9.8≤ 5.2.042021-11-10
CVE-2021-40520 [CRITICAL] CWE-521 CVE-2021-40520: Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials.
Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials.
nvd
CVE-2021-40518P4MEDIUMCVSS 6.5≤ 5.2.042021-11-10
CVE-2021-40518 [MEDIUM] CWE-352 CVE-2021-40518: Airangel HSMX Gateway devices through 5.2.04 allow CSRF.
Airangel HSMX Gateway devices through 5.2.04 allow CSRF.
nvd
CVE-2021-40517P4MEDIUMCVSS 5.4≤ 5.2.042021-11-10
CVE-2021-40517 [MEDIUM] CWE-79 CVE-2021-40517: Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting. XSS Paylo
Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting. XSS Payload is placed in the name column of the updates table using database access.
nvd