Login
Start Free Trial
Research Center
Nexto NX5210 Firmware Research Center
Ne

Nexto NX5210 Firmware

By Altus

Analyzed by TOPIA

Versions 1

CVE 3

🔥 CVE-2021-39244

Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi...

8.8
CVSS
a year ago
Act Now

CVE-2021-39245

Hardcoded .htaccess Credentials for getlogs.cgi exist on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices. This affects Nexto NX3003 1.8.11.0, Next...

7.5
CVSS
a year ago

CVE-2021-39243

Cross-Site Request Forgery (CSRF) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via any CGI endpoint. This affects Nexto NX3003 1.8.11...

6.5
CVSS
a year ago
http://www.vicarius.io is owned and operated by Vicarius Ltd. (the “Company”). All information contained on the Website is purely for informational, and educational purposes and should be independently verified and confirmed. Vicarius does not accept any liability for any loss or damage whatsoever caused in reliance upon such information or services. No statements or information presented in any form by Vicarius is intended as fact, and you agree that you will not consider the statements or information presented on the Website as fact or as a guarantee of performance.

Security Research Topics

By
Aug 18, 2022

February Trending CVEs: CVE-2021-3156

By
Aug 18, 2022

February Trending CVEs: CVE-2020-1472

By
Aug 18, 2022

February Trending CVEs: CVE-2021-24078

By
Aug 18, 2022

Top Trending CVEs of January 2021

By
Aug 18, 2022

Security Vulnerability Examples

By
Aug 18, 2022

Zoom Security Vulnerabilities

By
Aug 18, 2022

What is a Vulnerability?

By
Aug 18, 2022

Top 10 Software Vulnerabilities

By
Aug 18, 2022

Zero-Day Vulnerability: Defense Strategies

last_chanse_04.png

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial
Get a Demo
Start Free Trial!