Filtered by vendor Sierrawireless
Subscribe
Total
56 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-4063 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2025-12-15 | 9.0 HIGH | 8.8 HIGH |
|
An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.
|
|||||
| CVE-2017-9247 | 1 Sierrawireless | 3 Sierra Wireless Em7345 Software, Sierra Wireless Em7455 Software, Sierra Wireless Location Sensor Driver | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
|
Multiple unquoted service path vulnerabilities in Sierra Wireless Windows Mobile Broadband Driver Package (MBDP) with build ID < 4657 allows local users to launch processes with elevated privileges.
|
|||||
| CVE-2016-5066 | 1 Sierrawireless | 2 Aleos Firmware, Gx 440 | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
|
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 have weak passwords for admin, rauser, sconsole, and user.
|
|||||
| CVE-2016-5068 | 1 Sierrawireless | 2 Aleos Firmware, Gx 440 | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
|
|||||
| CVE-2016-5070 | 1 Sierrawireless | 2 Aleos Firmware, Gx 440 | 2025-04-20 | 5.0 MEDIUM | 9.8 CRITICAL |
|
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 store passwords in cleartext.
|
|||||
| CVE-2016-5065 | 1 Sierrawireless | 2 Aleos Firmware, Gx 440 | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection.
|
|||||
| CVE-2016-5071 | 1 Sierrawireless | 2 Aleos Firmware, Gx 440 | 2025-04-20 | 10.0 HIGH | 8.8 HIGH |
|
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 execute the management web application as root.
|
|||||
| CVE-2016-5069 | 1 Sierrawireless | 2 Aleos Firmware, Gx 440 | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL.
|
|||||
| CVE-2016-5067 | 1 Sierrawireless | 2 Aleos Firmware, Gx 440 | 2025-04-20 | 9.0 HIGH | 8.8 HIGH |
|
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
|
|||||
| CVE-2019-11851 | 1 Sierrawireless | 13 Aleos, Es440, Es450 and 10 more | 2025-04-16 | N/A | 9.8 CRITICAL |
|
The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow.
|
|||||
| CVE-2020-11101 | 1 Sierrawireless | 1 Airlink Mobility Manager | 2025-04-14 | N/A | 9.8 CRITICAL |
|
Sierra Wireless AirLink Mobility Manager (AMM) before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges.
|
|||||
| CVE-2019-13988 | 1 Sierrawireless | 3 Airlink Mg90, Airlink Omg2000, Mgos | 2025-04-14 | N/A | 6.5 MEDIUM |
|
Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request (aka Forced Browsing).
|
|||||
| CVE-2015-2897 | 1 Sierrawireless | 6 Airlink Es440, Airlink Es450, Airlink Gx440 and 3 more | 2025-04-12 | 10.0 HIGH | N/A |
|
Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNET session.
|
|||||
| CVE-2015-6479 | 1 Sierrawireless | 7 Aleos, Es440, Es450 and 4 more | 2025-04-12 | 4.3 MEDIUM | 4.3 MEDIUM |
|
ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspecified vectors.
|
|||||
| CVE-2013-2820 | 1 Sierrawireless | 19 Airlink Mp At\&t, Airlink Mp At\&t Wifi, Airlink Mp Bell and 16 more | 2025-04-11 | 10.0 HIGH | N/A |
|
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.
|
|||||
| CVE-2013-2819 | 1 Sierrawireless | 19 Airlink Mp At\&t, Airlink Mp At\&t Wifi, Airlink Mp Bell and 16 more | 2025-04-11 | 9.3 HIGH | N/A |
|
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1) update or (2) reprogramming action.
|
|||||
| CVE-2022-46650 | 1 Sierrawireless | 9 Aleos, Es450, Gx450 and 6 more | 2025-03-24 | N/A | 4.9 MEDIUM |
|
Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page.
|
|||||
| CVE-2022-46649 | 1 Sierrawireless | 9 Aleos, Es450, Gx450 and 6 more | 2025-03-24 | N/A | 8.8 HIGH |
|
Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device.
|
|||||
| CVE-2023-40462 | 2 Debian, Sierrawireless | 9 Debian Linux, Aleos, Es450 and 6 more | 2025-02-13 | N/A | 7.5 HIGH |
|
The ACEManager
component of ALEOS 4.16 and earlier does not
perform input
sanitization during authentication, which could
potentially result
in a Denial of Service (DoS) condition for
ACEManager without
impairing other router functions. ACEManager
recovers from the
DoS condition by restarting within ten seconds of
becoming
unavailable.
|
|||||
| CVE-2023-40465 | 1 Sierrawireless | 8 Aleos, Es450, Gx450 and 5 more | 2024-11-21 | N/A | 8.3 HIGH |
|
Several versions of
ALEOS, including ALEOS 4.16.0, include an opensource
third-party
component which can be exploited from the local
area network,
resulting in a Denial of Service condition for the captive portal.
|
|||||
| CVE-2023-40464 | 1 Sierrawireless | 8 Aleos, Es450, Gx450 and 5 more | 2024-11-21 | N/A | 8.1 HIGH |
|
Several versions of
ALEOS, including ALEOS 4.16.0, use a hardcoded
SSL certificate and
private key. An attacker with access to these items
could potentially
perform a man in the middle attack between the
ACEManager client
and ACEManager server.
|
|||||
| CVE-2023-40463 | 1 Sierrawireless | 8 Aleos, Es450, Gx450 and 5 more | 2024-11-21 | N/A | 8.1 HIGH |
|
When configured in
debugging mode by an authenticated user with
administrative
privileges, ALEOS 4.16 and earlier store the SHA512
hash of the common
root password for that version in a directory
accessible to a user
with root privileges or equivalent access.
|
|||||
| CVE-2023-40461 | 1 Sierrawireless | 8 Aleos, Es450, Gx450 and 5 more | 2024-11-21 | N/A | 8.1 HIGH |
|
The ACEManager
component of ALEOS 4.16 and earlier allows an
authenticated user
with Administrator privileges to access a file
upload field which
does not fully validate the file name, creating a
Stored Cross-Site
Scripting condition.
|
|||||
| CVE-2023-40460 | 1 Sierrawireless | 8 Aleos, Es450, Gx450 and 5 more | 2024-11-21 | N/A | 7.1 HIGH |
|
The ACEManager
component of ALEOS 4.16 and earlier does not
validate uploaded
file names and types, which could potentially allow
an authenticated
user to perform client-side script execution within
ACEManager, altering
the device functionality until the device is
restarted.
|
|||||
| CVE-2023-40459 | 1 Sierrawireless | 8 Aleos, Es450, Gx450 and 5 more | 2024-11-21 | N/A | 7.5 HIGH |
|
The
ACEManager component of ALEOS 4.16 and earlier does not adequately perform
input sanitization during authentication, which could potentially result in a
Denial of Service (DoS) condition for ACEManager without impairing other router
functions. ACEManager recovers from the DoS condition by restarting within ten
seconds of becoming unavailable.
|
|||||
| CVE-2023-40458 | 1 Sierrawireless | 1 Aleos | 2024-11-21 | N/A | 7.5 HIGH |
|
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Sierra Wireless, Inc ALEOS could potentially allow a remote attacker to trigger a
Denial of Service (DoS) condition for ACEManager without impairing
other router functions. This condition is cleared by restarting the
device.
|
|||||
| CVE-2023-38321 | 1 Sierrawireless | 6 Aleos, Lx40, Lx60 and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
|
OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter and client-token.
|
|||||
| CVE-2020-8948 | 1 Sierrawireless | 1 Mobile Broadband Driver Package | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
The Sierra Wireless Windows Mobile Broadband Driver Packages (MBDP) before build 5043 allows an unprivileged user to overwrite arbitrary files in arbitrary folders using hard links. An unprivileged user could leverage this vulnerability to execute arbitrary code with system privileges.
|
|||||
| CVE-2020-8782 | 1 Sierrawireless | 14 Airlink Es440, Airlink Es450, Airlink Gx400 and 11 more | 2024-11-21 | 7.5 HIGH | 7.5 HIGH |
|
Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution.
|
|||||
| CVE-2020-8781 | 1 Sierrawireless | 14 Airlink Es440, Airlink Es450, Airlink Gx400 and 11 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-privilege process.
|
|||||
| CVE-2019-11862 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2024-11-21 | 4.6 MEDIUM | 8.1 HIGH |
|
The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying.
|
|||||
| CVE-2019-11859 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2024-11-21 | 9.0 HIGH | 6.0 MEDIUM |
|
A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root.
|
|||||
| CVE-2019-11858 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2024-11-21 | 6.5 MEDIUM | 5.7 MEDIUM |
|
Multiple buffer overflow vulnerabilities exist in the AceManager Web API of ALEOS before 4.13.0, 4.9.5, and 4.4.9.
|
|||||
| CVE-2019-11857 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2024-11-21 | 4.0 MEDIUM | 9.1 CRITICAL |
|
Lack of input sanitization in AceManager of ALEOS before 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitive system information.
|
|||||
| CVE-2019-11856 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2024-11-21 | 5.5 MEDIUM | 3.3 LOW |
|
A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. Captured traffic to the ACEView service can be replayed to other gateways sharing the same credentials.
|
|||||
| CVE-2019-11855 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2024-11-21 | 7.5 HIGH | 8.1 HIGH |
|
An RPC server is enabled by default on the gateway's LAN of ALEOS before 4.12.0, 4.9.5, and 4.4.9.
|
|||||
| CVE-2019-11853 | 1 Sierrawireless | 9 Airlink Es450, Airlink Gx450, Airlink Lx40 and 6 more | 2024-11-21 | 6.5 MEDIUM | 3.9 LOW |
|
Several potential command injections vulnerabilities exist in the AT command interface of ALEOS before 4.11.0, and 4.9.4.
|
|||||
| CVE-2019-11852 | 1 Sierrawireless | 13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more | 2024-11-21 | 6.4 MEDIUM | 3.7 LOW |
|
An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS before 4.13.0, 4.9.5, and 4.4.9. Sensitive information may be disclosed via the ACEviewservice, accessible by default on the LAN.
|
|||||
| CVE-2019-11850 | 1 Sierrawireless | 7 Airlink Lx40, Airlink Lx60, Airlink Mp70 and 4 more | 2024-11-21 | 4.6 MEDIUM | 6.3 MEDIUM |
|
A stack overflow vulnerabiltity exist in the AT command interface of ALEOS before 4.11.0. The vulnerability may allow code execution
|
|||||
| CVE-2019-11849 | 1 Sierrawireless | 7 Airlink Lx40, Airlink Lx60, Airlink Mp70 and 4 more | 2024-11-21 | 4.6 MEDIUM | 6.3 MEDIUM |
|
A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS before 4.11.0. The vulnerability may allow code execution.
|
|||||