Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
14 vulnerabilities found for aleos_firmware by sierrawireless
CVE-2016-5071 (GCVE-0-2016-5071)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root.
Severity ?
No CVSS data available.
CWE
- wrong privileges
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "wrong privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5071",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "wrong privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5071",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5070 (GCVE-0-2016-5070)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.
Severity ?
No CVSS data available.
CWE
- stored passwords in cleartext
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "stored passwords in cleartext",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5070",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "stored passwords in cleartext"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5070",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5069 (GCVE-0-2016-5069)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
Severity ?
No CVSS data available.
CWE
- guessable session tokens
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "guessable session tokens",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5069",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "guessable session tokens"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5069",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5068 (GCVE-0-2016-5068)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
Severity ?
No CVSS data available.
CWE
- no authentication
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "no authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5068",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "no authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5068",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5067 (GCVE-0-2016-5067)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
Severity ?
No CVSS data available.
CWE
- command injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "command injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5067",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5066 (GCVE-0-2016-5066)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.
Severity ?
No CVSS data available.
CWE
- weak passwords
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "weak passwords",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5066",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "weak passwords"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5066",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5065 (GCVE-0-2016-5065)
Vulnerability from nvd – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
Severity ?
No CVSS data available.
CWE
- command injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "command injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5065",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5068 (GCVE-0-2016-5068)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
Severity ?
No CVSS data available.
CWE
- no authentication
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "no authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5068",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "no authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5068",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5065 (GCVE-0-2016-5065)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
Severity ?
No CVSS data available.
CWE
- command injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "command injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5065",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5069 (GCVE-0-2016-5069)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
Severity ?
No CVSS data available.
CWE
- guessable session tokens
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "guessable session tokens",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5069",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "guessable session tokens"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5069",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5066 (GCVE-0-2016-5066)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.
Severity ?
No CVSS data available.
CWE
- weak passwords
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "weak passwords",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5066",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "weak passwords"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5066",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5071 (GCVE-0-2016-5071)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root.
Severity ?
No CVSS data available.
CWE
- wrong privileges
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "wrong privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5071",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "wrong privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5071",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5067 (GCVE-0-2016-5067)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
Severity ?
No CVSS data available.
CWE
- command injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.333Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "command injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5067",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5070 (GCVE-0-2016-5070)
Vulnerability from cvelistv5 – Published: 2017-04-10 03:00 – Updated: 2024-08-06 00:46
VLAI?
Summary
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.
Severity ?
No CVSS data available.
CWE
- stored passwords in cleartext
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 |
Affected:
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2
|
Date Public ?
2017-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
],
"datePublic": "2017-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "stored passwords in cleartext",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-10T02:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5070",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version": {
"version_data": [
{
"version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "stored passwords in cleartext"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-5070",
"datePublished": "2017-04-10T03:00:00.000Z",
"dateReserved": "2016-05-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}