Vulnerabilities > Airangel > Hsmx APP 20000 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-11-10 CVE-2021-40517 Cross-site Scripting vulnerability in Airangel products
Airangel HSMX Gateway devices through 5.2.04 is vulnerable to stored Cross Site Scripting.
network
airangel CWE-79
3.5
3.5
2021-11-10 CVE-2021-40520 Weak Password Requirements vulnerability in Airangel products
Airangel HSMX Gateway devices through 5.2.04 have Weak SSH Credentials.
network
low complexity
airangel CWE-521
5.0
5.0
2021-11-10 CVE-2021-40518 Cross-Site Request Forgery (CSRF) vulnerability in Airangel products
Airangel HSMX Gateway devices through 5.2.04 allow CSRF.
network
airangel CWE-352
4.3
4.3
2021-11-10 CVE-2021-40519 Use of Hard-coded Credentials vulnerability in Airangel products
Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials.
network
low complexity
airangel CWE-798
6.4
6.4
2021-11-10 CVE-2021-40521 Unspecified vulnerability in Airangel products
Airangel HSMX Gateway devices through 5.2.04 allow Remote Code Execution.
network
low complexity
airangel
critical
 10.0
10