Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sierra wireless vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-2054
CRLF injection vulnerability in export.cfg in the web-based administrative console for Sierra Wireless AirCard 760S, 762S, and 763S allows remote malicious users to inject arbitrary headers via CRLF sequences in the save parameter.
Sierra Wireless Sierra Wireless Aircard 763s
Sierra Wireless Sierra Wireless Aircard 760s
Sierra Wireless Sierra Wireless Aircard 762s
4.6
CVSSv2
CVE-2017-9247
Multiple unquoted service path vulnerabilities in Sierra Wireless Windows Mobile Broadband Driver Package (MBDP) with build ID < 4657 allows local users to launch processes with elevated privileges.
Sierrawireless Sierra Wireless Em7455 Software -
Sierrawireless Sierra Wireless Location Sensor Driver -
Sierrawireless Sierra Wireless Em7345 Software -
6.8
CVSSv2
CVE-2017-6042
A Cross-Site Request Forgery issue exists in Sierra Wireless AirLink Raven XE, all versions before 4.0.14, and AirLink Raven XT, all versions before 4.0.11. Affected devices do not verify if a request was intentionally sent by the logged-in user, which may allow an malicious user...
Sierra Wireless Airlink Raven Xe Firmware
Sierra Wireless Airlink Raven Xt Firmware -
5
CVSSv2
CVE-2017-6046
An Insufficiently Protected Credentials issue exists in Sierra Wireless AirLink Raven XE, all versions before 4.0.14, and AirLink Raven XT, all versions before 4.0.11. Sensitive information is insufficiently protected during transmission and vulnerable to sniffing, which could le...
Sierra Wireless Airlink Raven Xe Firmware
Sierra Wireless Airlink Raven Xt Firmware -
10
CVSSv2
CVE-2017-6044
An Improper Authorization issue exists in Sierra Wireless AirLink Raven XE, all versions before 4.0.14, and AirLink Raven XT, all versions before 4.0.11. Several files and directories can be accessed without authentication, which may allow a remote malicious user to perform sensi...
Sierra Wireless Airlink Raven Xe Firmware
Sierra Wireless Airlink Raven Xt Firmware -
5
CVSSv2
CVE-2019-1747
A vulnerability in the implementation of the Short Message Service (SMS) handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote malicious user to trigger a denial of service (DoS) condition on an affected device. The vulnerab...
Cisco Ios 15.8(3)m
Cisco Ios Xe 16.10.1
NA
CVE-2023-40459
The ACEManager component of ALEOS 4.16 and previous versions does not adequately perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers f...
Sierrawireless Aleos
1 Github repository
NA
CVE-2023-40460
The ACEManager component of ALEOS 4.16 and previous versions does not validate uploaded file names and types, which could potentially allow an authenticated user to perform client-side script execution within ACEManager, altering the device functionality until the device is rest...
Sierrawireless Aleos
NA
CVE-2023-40461
The ACEManager component of ALEOS 4.16 and previous versions allows an authenticated user with Administrator privileges to access a file upload field which does not fully validate the file name, creating a Stored Cross-Site Scripting condition.
Sierrawireless Aleos
NA
CVE-2023-40463
When configured in debugging mode by an authenticated user with administrative privileges, ALEOS 4.16 and previous versions store the SHA512 hash of the common root password for that version in a directory accessible to a user with root privileges or equivalent access.
Sierrawireless Aleos
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »