inextrix CVE Vulnerabilities & Metrics

Focus on inextrix vulnerabilities and metrics.

Last updated: 08 Mar 2026, 23:25 UTC

About inextrix Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with inextrix. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total inextrix CVEs: 3
Earliest CVE date: 20 Mar 2020, 18:15 UTC
Latest CVE date: 11 Feb 2026, 21:16 UTC

Latest CVE reference: CVE-2020-37153

Rolling Stats

30-day Count (Rolling): 2
365-day Count (Rolling): 2

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical inextrix CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 1.67

Max CVSS: 5.0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	1
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS inextrix CVEs

These are the five CVEs with the highest CVSS scores for inextrix, sorted by severity first and recency.

CVE-2019-15075 inextrix Published on 20 Mar 2020, 18:15 UTC (CVSS: 5.0)
An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/astpp/application/config/config.php does not have strong random keys, as demonstrated by use of the 8YSDaBtDHAB3EQkxPAyTz2I5DttzA9uR private key and the r)fddEw232f encryption key.
CVE-2020-37153 inextrix Published on 11 Feb 2026, 21:16 UTC (CVSS: 0)
ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scripting and command injection in SIP device configuration and plugin management interfaces. Attackers can exploit these flaws to inject system commands, hijack administrator sessions, and potentially execute arbitrary code with root permissions through cron task manipulation.
CVE-2020-37104 inextrix Published on 11 Feb 2026, 21:16 UTC (CVSS: 0)
ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database information from the /database_backup/ directory.

All CVEs for inextrix

CVE-2020-37153 inextrix vulnerability CVSS: 0 11 Feb 2026, 21:16 UTC

ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scripting and command injection in SIP device configuration and plugin management interfaces. Attackers can exploit these flaws to inject system commands, hijack administrator sessions, and potentially execute arbitrary code with root permissions through cron task manipulation.

CVE-2020-37104 inextrix vulnerability CVSS: 0 11 Feb 2026, 21:16 UTC

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated attackers to download database backup files by predicting backup filename patterns. Attackers can generate a list of 6-digit PIN combinations and fuzz the backup download URL to exfiltrate sensitive database information from the /database_backup/ directory.

CVE-2019-15075 inextrix vulnerability CVSS: 5.0 20 Mar 2020, 18:15 UTC

An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/astpp/application/config/config.php does not have strong random keys, as demonstrated by use of the 8YSDaBtDHAB3EQkxPAyTz2I5DttzA9uR private key and the r)fddEw232f encryption key.