CVE-2017-5136

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. The application failed to check the access control of the request which could result in an attacker being able to shutdown the system.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sendquick:entera_sms_gateway_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sendquick:entera_sms_gateway:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:sendquick:avera_sms_gateway_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:sendquick:avera_sms_gateway:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:27

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/96031 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/96031 - Third Party Advisory, VDB Entry
References () https://niantech.io/blog/2017/02/05/vulns-multiple-vulns-in-sendquick-entera-avera-sms-gateway-appliances/ - Third Party Advisory, URL Repurposed () https://niantech.io/blog/2017/02/05/vulns-multiple-vulns-in-sendquick-entera-avera-sms-gateway-appliances/ - Third Party Advisory, URL Repurposed

14 Feb 2024, 01:17

Type Values Removed Values Added
References (MISC) https://niantech.io/blog/2017/02/05/vulns-multiple-vulns-in-sendquick-entera-avera-sms-gateway-appliances/ - Third Party Advisory (MISC) https://niantech.io/blog/2017/02/05/vulns-multiple-vulns-in-sendquick-entera-avera-sms-gateway-appliances/ - Third Party Advisory, URL Repurposed

Information

Published : 2017-02-05 18:59

Updated : 2024-11-21 03:27


NVD link : CVE-2017-5136

Mitre link : CVE-2017-5136

CVE.ORG link : CVE-2017-5136


JSON object : View

Products Affected

sendquick

  • entera_sms_gateway_firmware
  • avera_sms_gateway_firmware
  • avera_sms_gateway
  • entera_sms_gateway
CWE
CWE-862

Missing Authorization