MidnightBSD

Advisories for sendquick

CVE-2016-10098 HIGH

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command Injection vulnerabilities allow attackers to execute arbitrary system commands.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
sendquick entera_sms_gateway_firmware -
sendquick avera_sms_gateway_firmware -
CVE-2017-5136 HIGH

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. The application failed to check the access control of the request which could result in an attacker being able to shutdown the system.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-862,

Products Affected

Vendor Product Version
sendquick entera_sms_gateway_firmware -
sendquick avera_sms_gateway_firmware -
CVE-2017-5137 MEDIUM

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could request and download the SMS logs from an unauthenticated perspective.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-532,

Products Affected

Vendor Product Version
sendquick entera_sms_gateway_firmware -
sendquick avera_sms_gateway_firmware -