Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sierra wireless vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-9844
A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
Apple Iphone Os
Apple Ipados
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
1 Article
7.5
CVSSv3
CVE-2018-4069
An information disclosure vulnerability exists in the ACEManager authentication functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The ACEManager authentication functionality is done in plaintext XML to the web server. An attacker can listen to network traffic upstream from...
Sierrawireless Airlink Es450 Firmware 4.9.3
7.5
CVSSv3
CVE-2017-6046
An Insufficiently Protected Credentials issue exists in Sierra Wireless AirLink Raven XE, all versions before 4.0.14, and AirLink Raven XT, all versions before 4.0.11. Sensitive information is insufficiently protected during transmission and vulnerable to sniffing, which could le...
Sierra Wireless Airlink Raven Xe Firmware
Sierra Wireless Airlink Raven Xt Firmware -
7.2
CVSSv3
CVE-2023-40463
When configured in debugging mode by an authenticated user with administrative privileges, ALEOS 4.16 and previous versions store the SHA512 hash of the common root password for that version in a directory accessible to a user with root privileges or equivalent access.
Sierrawireless Aleos
7.1
CVSSv3
CVE-2018-4064
An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a unverified device configuration change, resulting in an unverified change of the user ...
Sierrawireless Airlink Es450 Firmware 4.9.3
6.8
CVSSv3
CVE-2023-40464
Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. An attacker with access to these items could potentially perform a man in the middle attack between the ACEManager client and ACEManager server.
Sierrawireless Aleos
6.8
CVSSv3
CVE-2018-5383
Bluetooth firmware or operating system software drivers in macOS versions prior to 10.13, High Sierra and iOS versions prior to 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Dif...
Google Android 8.0
Google Android 8.1
Google Android 6.0.1
Google Android 7.0
Google Android 7.1.1
Google Android 7.1.2
Google Android 6.0
Apple Iphone Os
Apple Mac Os X
2 Github repositories
1 Article
6.5
CVSSv3
CVE-2019-13988
Sierra Wireless MGOS prior to 3.15.2 and 4.x prior to 4.3 allows malicious users to read log files via a Direct Request (aka Forced Browsing).
Sierrawireless Mgos
6.5
CVSSv3
CVE-2018-4067
An exploitable information disclosure vulnerability exists in the ACEManager template_load.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attac...
Sierrawireless Airlink Es450 Firmware 4.9.3
6.1
CVSSv3
CVE-2018-4065
An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code r...
Sierrawireless Airlink Es450 Firmware 4.9.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »