CVE-2016-5071

Name of the Vulnerable Software and Affected Versions Sierra Wireless AirLink GX 440 with ALEOS firmware version 4.3.2

Description The issue is related to insufficient access control in the ALEOS software of the Sierra Wireless AirLink GX 440 wireless gateway. Exploitation of this issue may allow a remote attacker to execute commands using the management web interface with root privileges.

Recommendations For Sierra Wireless AirLink GX 440 with ALEOS firmware version 4.3.2, consider restricting access to the management web interface until a patch is available. As a temporary workaround, limit the execution of commands with root privileges to minimize the risk of exploitation.