Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sierra wireless vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2016-5068
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
Sierrawireless Aleos Firmware 4.3.2
890
VMScore
CVE-2016-5066
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.
Sierrawireless Aleos Firmware 4.3.2
668
VMScore
CVE-2016-5069
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
Sierrawireless Aleos Firmware 4.3.2
NA
CVE-2020-11101
Sierra Wireless AirLink Mobility Manager (AMM) prior to 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges.
Sierrawireless Airlink Mobility Manager
NA
CVE-2019-13988
Sierra Wireless MGOS prior to 3.15.2 and 4.x prior to 4.3 allows malicious users to read log files via a Direct Request (aka Forced Browsing).
Sierrawireless Mgos
890
VMScore
CVE-2013-2820
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote malicious users to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.
Sierrawireless Raven X Ev-do Firmware 4221 4.0.11.003
Sierrawireless Raven X Ev-do Firmware 4228 4.0.11.003
Sierrawireless Airlink Mp Row -
Sierrawireless Airlink Mp Row Wifi -
Sierrawireless Airlink Mp Sprint -
Sierrawireless Airlink Mp Sprint Wifi -
Sierrawireless Airlink Mp Verizon -
Sierrawireless Airlink Mp Bell -
Sierrawireless Airlink Mp Telus -
Sierrawireless Airlink Mp Verizon Wifi -
Sierrawireless Pinpoint Xt -
Sierrawireless Airlink Mp At\\&t -
Sierrawireless Airlink Mp At\\&t Wifi -
Sierrawireless Raven Xt -
Sierrawireless Raven Xe -
Sierrawireless Raven X -
Sierrawireless Airlink Mp Bell Wifi -
Sierrawireless Airlink Mp Telus Wifi -
Sierrawireless Raven X Ev-do -
Sierrawireless Pinpoint X -
694
VMScore
CVE-2020-9844
A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
Apple Iphone Os
Apple Ipados
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
1 Article
828
VMScore
CVE-2013-2819
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote malicious users to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1) update or (2) reprogramming action.
Sierrawireless Raven X Ev-do Firmware 4221 4.0.11.003
Sierrawireless Raven X Ev-do Firmware 4228 4.0.11.003
Sierrawireless Pinpoint Xt -
Sierrawireless Pinpoint X -
Sierrawireless Raven Xt -
Sierrawireless Raven Xe -
Sierrawireless Airlink Mp At\\&t -
Sierrawireless Airlink Mp Bell -
Sierrawireless Airlink Mp Sprint Wifi -
Sierrawireless Airlink Mp Verizon Wifi -
Sierrawireless Airlink Mp Telus -
Sierrawireless Airlink Mp Telus Wifi -
Sierrawireless Airlink Mp Row -
Sierrawireless Airlink Mp Row Wifi -
Sierrawireless Airlink Mp Sprint -
Sierrawireless Airlink Mp At\\&t Wifi -
Sierrawireless Airlink Mp Bell Wifi -
Sierrawireless Airlink Mp Verizon -
Sierrawireless Raven X Ev-do -
Sierrawireless Raven X -
NA
CVE-2019-11851
The ACENet service in Sierra Wireless ALEOS prior to 4.4.9, 4.5.x up to and including 4.9.x prior to 4.9.5, and 4.10.x up to and including 4.13.x prior to 4.14.0 allows remote malicious users to execute arbitrary code via a buffer overflow.
Sierrawireless Aleos
383
VMScore
CVE-2015-6479
ACEmanager in Sierra Wireless ALEOS 4.4.2 and previous versions on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote malicious users to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspecified vect...
Sierrawireless Aleos
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »