Filtered by vendor Sierrawireless Subscriptions
Filtered by product Aleos Firmware Subscriptions
Total 7 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-5071 1 Sierrawireless 2 Aleos Firmware, Gx 440 2024-11-21 N/A
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root.
CVE-2016-5070 1 Sierrawireless 2 Aleos Firmware, Gx 440 2024-11-21 N/A
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.
CVE-2016-5069 1 Sierrawireless 2 Aleos Firmware, Gx 440 2024-11-21 N/A
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
CVE-2016-5068 1 Sierrawireless 2 Aleos Firmware, Gx 440 2024-11-21 N/A
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
CVE-2016-5067 1 Sierrawireless 2 Aleos Firmware, Gx 440 2024-11-21 N/A
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
CVE-2016-5066 1 Sierrawireless 2 Aleos Firmware, Gx 440 2024-11-21 N/A
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.
CVE-2016-5065 1 Sierrawireless 2 Aleos Firmware, Gx 440 2024-11-21 N/A
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.