CVE-2016-5069
CRITICAL
9.8
CVSS Severity Score
Vulnerability Description
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
Affected Platforms (CPE)
💻
Sierrawireless
Back to CVE Browser
Related Vulnerabilities
CVE-2016-50659.8
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
CVE-2016-50669.8
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.
CVE-2016-50689.8
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
CVE-2016-50709.8
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.