Description
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. The application failed to check the access control of the request which could result in an attacker being able to shutdown the system.
References (2)
Core 2
Core References
Third Party Advisory, URL Repurposed x_refsource_misc
https://niantech.io/blog/2017/02/05/vulns-multiple-vulns-in-sendquick-entera-avera-sms-gateway-appliances/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/96031
Scores
CVSS v3
7.5
EPSS
0.0179
EPSS Percentile
75.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-862
Status
published
Products (2)
sendquick/avera_sms_gateway_firmware
sendquick/entera_sms_gateway_firmware
Published
Feb 05, 2017
Tracked Since
Feb 18, 2026