Altus Nexto Nx5100 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Altus Nexto Nx5100 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
- CVE-2021-39244 — CVSS 8.8 (high): Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the…
- CVE-2021-39245 — CVSS 7.5 (high): Hardcoded .htaccess Credentials for getlogs.cgi exist on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices. This affects Nexto NX3003…
- CVE-2021-39243 — CVSS 6.5 (medium): Cross-Site Request Forgery (CSRF) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via any CGI endpoint. This affects Nexto…