RSS   Vulnerabilities for 'Aleos firmware'   RSS

2017-04-09
 
CVE-2016-5071

 

 
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root.

 
 
CVE-2016-5070

 

 
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.

 
 
CVE-2016-5069

 

 
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.

 
 
CVE-2016-5068

 

 
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.

 
 
CVE-2016-5067

 

 
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.

 
 
CVE-2016-5066

 

 
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.

 
 
CVE-2016-5065

 

 
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.

 

 >>> Vendor: Sierrawireless 26 Products
Airlink mp at&t
Airlink mp at&t wifi
Airlink mp bell
Airlink mp bell wifi
Airlink mp row
Airlink mp row wifi
Airlink mp sprint
Airlink mp sprint wifi
Airlink mp telus
Airlink mp telus wifi
Airlink mp verizon
Airlink mp verizon wifi
Pinpoint x
Pinpoint xt
Raven x
Raven x ev-do
Raven xe
Raven xt
Raven x ev-do firmware
Aleos
Aleos firmware
Sierra wireless location sensor driver
Sierra wireless em7455 software
Sierra wireless em7345 software
Airlink es450 firmware
Mobile broadband driver package


Copyright 2024, cxsecurity.com

 

Back to Top