Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sierrawireless aleos vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2019-11859
A buffer overflow exists in the SMS handler API of ALEOS prior to 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root.
Sierrawireless Aleos
4.6
CVSSv2
CVE-2019-11862
The SSH service on ALEOS prior to 4.12.0, 4.9.5, 4.4.9 allows traffic proxying.
Sierrawireless Aleos
7.2
CVSSv2
CVE-2019-11847
An improper privilege management vulnerabitlity exists in ALEOS prior to 4.11.0, 4.9.4 and 4.4.9. An authenticated user can escalate to root via the command shell.
Sierrawireless Aleos
6.5
CVSSv2
CVE-2019-11848
An API abuse vulnerability exists in the AT command API of ALEOS prior to 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values.
Sierrawireless Aleos
4.6
CVSSv2
CVE-2019-11849
A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS prior to 4.11.0. The vulnerability may allow code execution.
Sierrawireless Aleos
10
CVSSv2
CVE-2015-2897
Sierra Wireless ALEOS prior to 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote malicious users to obtain administrative access via a (1) SSH or (2) TELNET session.
Sierrawireless Aleos
7.5
CVSSv2
CVE-2020-8782
Unauthenticated RPC server on ALEOS prior to 4.4.9, 4.9.5, and 4.14.0 allows remote code execution.
Sierrawireless Aleos
10
CVSSv2
CVE-2018-10251
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware prior to 4.4.7 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware prior to 4.9.3 could allow an unauthenticated remote malicious user to execute arbitrary code and ga...
Sierrawireless Aleos
NA
CVE-2023-40462
The ACEManager component of ALEOS 4.16 and previous versions does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS...
Sierrawireless Aleos
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2016-5065
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
Sierrawireless Aleos Firmware 4.3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »