CVE-2016-5065
CRITICAL
9.8
CVSS Severity Score
Vulnerability Description
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
Affected Platforms (CPE)
💻
Sierrawireless
返回 CVE 浏览器
相关漏洞威胁
CVE-2016-50669.8
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.
CVE-2016-50689.8
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
CVE-2016-50699.8
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
CVE-2016-50709.8
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.