CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : Sierra Wireless Equipment : AirLink Vulnerabilities : Infinite Loop, NULL Pointer Dereference, Cross-site Scripting, Reachable Assertion, Use of Hard-coded Credentials, Use of Hard-coded...

8.1CVSS8AI score0.013EPSS

Exploits2References8

CNVD•added 2017/06/29 12:0 a.m.•1 views

Sierra Wireless GX440 Authentication Issues Vulnerability

The Sierra Wireless GX440 is a gateway device from Sierra Wireless Canada. An authentication issue vulnerability exists in Sierra Wireless GX440 devices using version 4.3.2 of the ALEOS firmware, which stems from the program not requesting authentication for EmbeddedAceGetTask.cgi. An attacker...

9.8CVSS7.2AI score0.00043EPSS

Exploits1References1

NVD•added 2017/04/10 3:59 a.m.•10 views

CVE-2016-5065

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow EmbeddedAceSetTask.cgi command injection...

9.8CVSS9.9AI score0.00659EPSS

Exploits1References1

NVD•added 2017/04/10 3:59 a.m.•8 views

CVE-2016-5071

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root...

10CVSS8.9AI score0.00027EPSS

Exploits1References1

OSV•added 2017/04/10 3:59 a.m.•1 views

CVE-2016-5068

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for EmbeddedAceGetTask.cgi requests...

9.8CVSS5.8AI score

Exploits0References1

OSV•added 2017/04/10 3:59 a.m.•1 views

CVE-2016-5070

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext...

9.8CVSS5.8AI score

Exploits0References1

NVD•added 2017/04/10 3:59 a.m.•13 views

CVE-2016-5066

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user...

10CVSS9.6AI score0.00028EPSS

Exploits1References1

OSV•added 2017/04/10 3:59 a.m.•0 views

CVE-2016-5067

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection...

8.8CVSS5.8AI score

Exploits0References1

OSV•added 2017/04/10 3:59 a.m.•1 views

CVE-2016-5066

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user...

9.8CVSS5.8AI score0.00028EPSS

Exploits1References1

NVD•added 2017/04/10 3:59 a.m.•8 views

CVE-2016-5070

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext...

9.8CVSS9.5AI score0.0002EPSS

Exploits1References1

NVD•added 2017/04/10 3:59 a.m.•10 views

CVE-2016-5067

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection...

9CVSS9.1AI score0.00527EPSS

Exploits1References1

OSV•added 2017/04/10 3:59 a.m.•1 views

CVE-2016-5069

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL...

9.8CVSS5.8AI score0.00028EPSS

Exploits1References1

Prion•added 2017/04/10 3:59 a.m.•7 views

Design/Logic Flaw

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext...

5CVSS7.3AI score0.0002EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by