Shodan
Vulnerabilities
Vulnerable Software
Sierrawireless:  >> Gx 440  Security Vulnerabilities
CVE-2016-5065
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
CVSS Score
9.8
EPSS Score
0.007
Published
2017-04-10
CVE-2016-5066
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.
CVSS Score
9.8
EPSS Score
0.0
Published
2017-04-10
CVE-2016-5067
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-04-10
CVE-2016-5068
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
CVSS Score
9.8
EPSS Score
0.0
Published
2017-04-10
CVE-2016-5069
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
CVSS Score
9.8
EPSS Score
0.0
Published
2017-04-10
CVE-2016-5070
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.
CVSS Score
9.8
EPSS Score
0.0
Published
2017-04-10
CVE-2016-5071
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root.
CVSS Score
8.8
EPSS Score
0.0
Published
2017-04-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved