Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aleos vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2019-11849
A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS prior to 4.11.0. The vulnerability may allow code execution.
Sierrawireless Aleos
409
VMScore
CVE-2019-11850
A stack overflow vulnerabiltity exist in the AT command interface of ALEOS prior to 4.11.0. The vulnerability may allow code execution
Sierrawireless Aleos
NA
CVE-2019-11851
The ACENet service in Sierra Wireless ALEOS prior to 4.4.9, 4.5.x up to and including 4.9.x prior to 4.9.5, and 4.10.x up to and including 4.13.x prior to 4.14.0 allows remote malicious users to execute arbitrary code via a buffer overflow.
Sierrawireless Aleos
668
VMScore
CVE-2019-11855
An RPC server is enabled by default on the gateway's LAN of ALEOS prior to 4.12.0, 4.9.5, and 4.4.9.
Sierrawireless Aleos
356
VMScore
CVE-2019-11857
Lack of input sanitization in AceManager of ALEOS prior to 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitive system information.
Sierrawireless Aleos
801
VMScore
CVE-2019-11859
A buffer overflow exists in the SMS handler API of ALEOS prior to 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root.
Sierrawireless Aleos
409
VMScore
CVE-2019-11862
The SSH service on ALEOS prior to 4.12.0, 4.9.5, 4.4.9 allows traffic proxying.
Sierrawireless Aleos
890
VMScore
CVE-2015-2897
Sierra Wireless ALEOS prior to 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote malicious users to obtain administrative access via a (1) SSH or (2) TELNET session.
Sierrawireless Aleos
NA
CVE-2023-40462
The ACEManager component of ALEOS 4.16 and previous versions does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS...
Sierrawireless Aleos
Debian Debian Linux 10.0
668
VMScore
CVE-2016-5065
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
Sierrawireless Aleos Firmware 4.3.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »