7 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext. Dispositivos Sierra Wireless GX 440 con firmware ALEOS 4.3.2 almacenan contraseñas en texto plano. • https://carvesystems.com/sierra-wireless-2016-advisory.html • CWE-255: Credentials Management Errors •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user. Dispositivos Sierra Wireless GX 440 con firmware ALEOS 4.3.2 tiene contraseñas débiles para admin, rauser, sconsole y usuario. • https://carvesystems.com/sierra-wireless-2016-advisory.html • CWE-255: Credentials Management Errors •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests. Dispositivos Sierra Wireless GX 440 con firmware ALEOS 4.3.2 no requieren autenticación para solicitudes Embedded_Ace_Get_Task.cgi. • https://carvesystems.com/sierra-wireless-2016-advisory.html • CWE-287: Improper Authentication •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root. Dispositivos Sierra Wireless GX 440 con firmware ALEOS 4.3.2 ejecutan la aplicación web de administración como root. • https://carvesystems.com/sierra-wireless-2016-advisory.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL. Dispositivos Sierra Wireless GX 440 con firmware ALEOS 4.3.2 utilizan tokens de sesión adivinables, que están en la URL. • https://carvesystems.com/sierra-wireless-2016-advisory.html • CWE-613: Insufficient Session Expiration •