A vulnerability was found in Altus Nexto NX3003, Nexto NX3004, Nexto NX3005, Nexto NX3010, Nexto NX3020, Nexto NX3030, Nexto NX5100, Nexto NX5101, Nexto NX5110, Nexto NX5210, Nexto Xpress XP300, Nexto Xpress XP315, Nexto Xpress XP325, Nexto Xpress XP340 and Hadron Xtorm HX3040. It has been rated as critical. Affected by this issue is an unknown function of the file getlogs.cgi. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Altus Hadron Xtorm HX3040 getlogs.cgi hard-coded credentials
- Virtual Patching
- August 23, 2021
- 12:04 pm
CVE-2022-1401 : DEVICE42 ASSET MANAGEMENT APPLIANCE PRIOR 18.01.00 WRIMAGERESOURCE.ADX ACCESS CONTROL
Description Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker
CVE-2022-36310 : AIRSPAN AIRVELOCITY 1500 PRIOR 15.18.00.2511 SNMPD INHERENTLY DANGEROUS FUNCTION
Description Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with
CVE-2022-2814 : SOURCECODESTER SIMPLE AND NICE SHOPPING CART SCRIPT /MKSHOPE/LOGIN.PHP MSG CROSS SITE SCRIPTING
Description A vulnerability has been found in SourceCodester Simple and Nice Shopping Cart Script and classified as problematic. Affected by