Vulnerabilities > Sierrawireless
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-06 | CVE-2020-8782 | Unspecified vulnerability in Sierrawireless Aleos Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution. | 7.5 |
2020-10-06 | CVE-2020-8781 | Unspecified vulnerability in Sierrawireless Aleos Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-privilege process. | 7.2 |
2020-08-21 | CVE-2019-11862 | Incorrect Authorization vulnerability in Sierrawireless Aleos The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying. | 4.6 |
2020-08-21 | CVE-2019-11859 | Classic Buffer Overflow vulnerability in Sierrawireless Aleos A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root. | 9.0 |
2020-08-21 | CVE-2019-11858 | Classic Buffer Overflow vulnerability in Sierrawireless Aleos Multiple buffer overflow vulnerabilities exist in the AceManager Web API of ALEOS before 4.13.0, 4.9.5, and 4.4.9. | 6.5 |
2020-08-21 | CVE-2019-11857 | Improper Input Validation vulnerability in Sierrawireless Aleos Lack of input sanitization in AceManager of ALEOS before 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitive system information. | 4.0 |
2020-08-21 | CVE-2019-11856 | Authentication Bypass by Capture-replay vulnerability in Sierrawireless Aleos A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. | 5.5 |
2020-08-21 | CVE-2019-11855 | Unspecified vulnerability in Sierrawireless Aleos An RPC server is enabled by default on the gateway's LAN of ALEOS before 4.12.0, 4.9.5, and 4.4.9. | 7.5 |
2020-08-21 | CVE-2019-11853 | Command Injection vulnerability in Sierrawireless Aleos Several potential command injections vulnerabilities exist in the AT command interface of ALEOS before 4.11.0, and 4.9.4. | 6.5 |
2020-08-21 | CVE-2019-11852 | Out-of-bounds Read vulnerability in Sierrawireless Aleos An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS before 4.13.0, 4.9.5, and 4.4.9. | 6.4 |