Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
airspan vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-21141
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization checks on multiple API functions. An attacker may gain access to these functions and achieve remo...
Airspan Mimosa Management Platform
Airspan C6x Firmware
Airspan C5x Firmware
Airspan C5c Firmware
Airspan A5x Firmware
9.8
CVSSv3
CVE-2022-21143
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input on several locations, which may allow an malicious user to inject arbitrary commands.
Airspan Mimosa Management Platform
Airspan C6x Firmware
Airspan C5x Firmware
Airspan C5c Firmware
Airspan A5x Firmware
9.8
CVSSv3
CVE-2022-21196
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization and authentication checks on multiple API routes. An attacker may gain access to these API routes...
Airspan Mimosa Management Platform
Airspan C6x Firmware
Airspan C5x Firmware
Airspan C5c Firmware
Airspan A5x Firmware
6.5
CVSSv3
CVE-2022-21800
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 uses the MD5 algorithm to hash the passwords before storing them but does not salt the hash. As a result, attackers may be able to crac...
Airspan Mimosa Management Platform
Airspan C6x Firmware
Airspan C5x Firmware
Airspan C5c Firmware
Airspan A5x Firmware
9.8
CVSSv3
CVE-2022-21215
This vulnerability could allow an malicious user to force the server to create and execute a web request granting access to backend APIs that are only accessible to the Mimosa MMP server, or request pages that could perform some actions themselves. The attacker could force the se...
Airspan Mimosa Management Platform
Airspan C6x Firmware
Airspan C5x Firmware
Airspan C5c Firmware
Airspan A5x Firmware
7.5
CVSSv3
CVE-2022-21176
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input, which may allow an malicious user to perform a SQL injection and obtain sensitive information.
Airspan Mimosa Management Platform
Airspan C6x Firmware
Airspan C5x Firmware
Airspan C5c Firmware
Airspan A5x Firmware
7.5
CVSSv3
CVE-2022-0138
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 has a deserialization function that does not validate or check the data, allowing arbitrary classes to be created.
Airspan Mimosa Management Platform
Airspan C6x Firmware
Airspan C5x Firmware
Airspan C5c Firmware
Airspan A5x Firmware
NA
CVE-2008-1262
The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not verify authentication credentials, which allows remote malicious users to (1) upload malformed firmware or (2) bind the antenna to a different WiMAX base station via unspecified reques...
Airspan Wimax Prost 4.1
1 EDB exploit
6.8
CVSSv3
CVE-2022-36307
The AirVelocity 1500 prints SNMP credentials on its physically accessible serial port during boot. This was fixed in AirVelocity 1500 software version 15.18.00.2511 and may affect other AirVelocity and AirSpeed models.
Airspan Airvelocity 1500 Firmware
NA
CVE-2008-1543
The Advanced User Interface Pages in the ProST Web Management component on the Airspan WiMAX ProST have a certain default User ID and password, which makes it easier for remote malicious users to obtain partial administrative access, a different vulnerability than CVE-2008-1262.
Airspan Prost Web Management
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »