Vulnerabilities > Altus

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-23 | CVE-2021-39243 | Cross-Site Request Forgery (CSRF) vulnerability in Altus products. Cross-Site Request Forgery (CSRF) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via any CGI endpoint. | network; altus; CWE-352; 4.3 |
| 2021-08-23 | CVE-2021-39244 | OS Command Injection vulnerability in Altus products. Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi tcpdump feature. | network; low complexity; altus; CWE-78; critical; 9.0 |
| 2021-08-23 | CVE-2021-39245 | Use of Hard-coded Credentials vulnerability in Altus products. Hardcoded .htaccess Credentials for getlogs.cgi exist on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices. | network; low complexity; altus; CWE-798; 5.0 |