These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2017-5137 is an information disclosure issue affecting SendQuick Entera and Avera devices before 2HF16. According to NVD, an attacker could request and download SMS logs from an unauthenticated perspective, which could expose sensitive message content and related metadata. The CVE was published on 2017-02-05 and later modified in NVD on 2026-05-13.
CVE-2017-5136 is a high-severity authorization flaw affecting SendQuick Entera and Avera devices before 2HF16. The application failed to verify access control on a request, which could allow an attacker to trigger a system shutdown. Because the issue is network-reachable and does not require user interaction or privileges, it is primarily an availability risk for exposed appliances.
CVE-2016-10098 is a critical command injection vulnerability affecting SendQuick Entera and Avera SMS gateway appliances before 2HF16. The issue is documented as allowing attackers to execute arbitrary system commands, and NVD classifies it as remotely reachable with no authentication and no user interaction required. Organizations using these appliances should treat exposed management or service interfac [truncated]