Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sierrawireless aleos vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2019-11852
An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS prior to 4.13.0, 4.9.5, and 4.4.9. Sensitive information may be disclosed via the ACEviewservice, accessible by default on the LAN.
Sierrawireless Aleos
6.5
CVSSv2
CVE-2019-11853
Several potential command injections vulnerabilities exist in the AT command interface of ALEOS prior to 4.11.0, and 4.9.4.
Sierrawireless Aleos
7.5
CVSSv2
CVE-2019-11855
An RPC server is enabled by default on the gateway's LAN of ALEOS prior to 4.12.0, 4.9.5, and 4.4.9.
Sierrawireless Aleos
4
CVSSv2
CVE-2019-11857
Lack of input sanitization in AceManager of ALEOS prior to 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitive system information.
Sierrawireless Aleos
9
CVSSv2
CVE-2019-11859
A buffer overflow exists in the SMS handler API of ALEOS prior to 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root.
Sierrawireless Aleos
4.6
CVSSv2
CVE-2019-11862
The SSH service on ALEOS prior to 4.12.0, 4.9.5, 4.4.9 allows traffic proxying.
Sierrawireless Aleos
10
CVSSv2
CVE-2018-10251
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware prior to 4.4.7 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware prior to 4.9.3 could allow an unauthenticated remote malicious user to execute arbitrary code and ga...
Sierrawireless Aleos
9
CVSSv2
CVE-2016-5067
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
Sierrawireless Aleos Firmware 4.3.2
5
CVSSv2
CVE-2016-5070
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.
Sierrawireless Aleos Firmware 4.3.2
10
CVSSv2
CVE-2016-5071
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root.
Sierrawireless Aleos Firmware 4.3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »