Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sierra wireless vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-5068
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
Sierrawireless Aleos Firmware 4.3.2
10
CVSSv2
CVE-2016-5066
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.
Sierrawireless Aleos Firmware 4.3.2
7.5
CVSSv2
CVE-2016-5069
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
Sierrawireless Aleos Firmware 4.3.2
NA
CVE-2020-11101
Sierra Wireless AirLink Mobility Manager (AMM) prior to 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges.
Sierrawireless Airlink Mobility Manager
NA
CVE-2019-13988
Sierra Wireless MGOS prior to 3.15.2 and 4.x prior to 4.3 allows malicious users to read log files via a Direct Request (aka Forced Browsing).
Sierrawireless Mgos
10
CVSSv2
CVE-2013-2820
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote malicious users to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.
Sierrawireless Raven X Ev-do Firmware 4221 4.0.11.003
Sierrawireless Raven X Ev-do Firmware 4228 4.0.11.003
Sierrawireless Airlink Mp Row -
Sierrawireless Airlink Mp Row Wifi -
Sierrawireless Airlink Mp Sprint -
Sierrawireless Airlink Mp Sprint Wifi -
Sierrawireless Airlink Mp Verizon -
Sierrawireless Airlink Mp Bell -
Sierrawireless Airlink Mp Telus -
Sierrawireless Airlink Mp Verizon Wifi -
Sierrawireless Pinpoint Xt -
Sierrawireless Airlink Mp At\\&t -
Sierrawireless Airlink Mp At\\&t Wifi -
Sierrawireless Raven Xt -
Sierrawireless Raven Xe -
Sierrawireless Raven X -
Sierrawireless Airlink Mp Bell Wifi -
Sierrawireless Airlink Mp Telus Wifi -
Sierrawireless Raven X Ev-do -
Sierrawireless Pinpoint X -
7.8
CVSSv2
CVE-2020-9844
A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
Apple Iphone Os
Apple Ipados
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
1 Article
9.3
CVSSv2
CVE-2013-2819
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote malicious users to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1) update or (2) reprogramming action.
Sierrawireless Raven X Ev-do Firmware 4221 4.0.11.003
Sierrawireless Raven X Ev-do Firmware 4228 4.0.11.003
Sierrawireless Pinpoint Xt -
Sierrawireless Pinpoint X -
Sierrawireless Raven Xt -
Sierrawireless Raven Xe -
Sierrawireless Airlink Mp At\\&t -
Sierrawireless Airlink Mp Bell -
Sierrawireless Airlink Mp Sprint Wifi -
Sierrawireless Airlink Mp Verizon Wifi -
Sierrawireless Airlink Mp Telus -
Sierrawireless Airlink Mp Telus Wifi -
Sierrawireless Airlink Mp Row -
Sierrawireless Airlink Mp Row Wifi -
Sierrawireless Airlink Mp Sprint -
Sierrawireless Airlink Mp At\\&t Wifi -
Sierrawireless Airlink Mp Bell Wifi -
Sierrawireless Airlink Mp Verizon -
Sierrawireless Raven X Ev-do -
Sierrawireless Raven X -
NA
CVE-2019-11851
The ACENet service in Sierra Wireless ALEOS prior to 4.4.9, 4.5.x up to and including 4.9.x prior to 4.9.5, and 4.10.x up to and including 4.13.x prior to 4.14.0 allows remote malicious users to execute arbitrary code via a buffer overflow.
Sierrawireless Aleos
4.3
CVSSv2
CVE-2015-6479
ACEmanager in Sierra Wireless ALEOS 4.4.2 and previous versions on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote malicious users to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspecified vect...
Sierrawireless Aleos
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »