Every CVE whose affected-product data names Inextrix Astpp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-37153 — CVSS 9.8 (critical): ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scripting and command injection in SIP device configuration and plugin…
CVE-2019-15075 — CVSS 7.5 (high): An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/astpp/application/config/config.php does not have strong random keys…
CVE-2020-37104 — CVSS 7.5 (high): ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by…