Vulnerabilities > Sierrawireless > Airlink Es450 Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-31 | CVE-2018-4064 | Improper Authentication vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 5.5 |
2019-05-06 | CVE-2018-4073 | Incorrect Permission Assignment for Critical Resource vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 6.5 |
2019-05-06 | CVE-2018-4072 | Incorrect Permission Assignment for Critical Resource vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 6.5 |
2019-05-06 | CVE-2018-4071 | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 4.0 |
2019-05-06 | CVE-2018-4070 | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 4.0 |
2019-05-06 | CVE-2018-4067 | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable information disclosure vulnerability exists in the ACEManager template_load.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 4.0 |
2019-05-06 | CVE-2018-4066 | Cross-Site Request Forgery (CSRF) vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable cross-site request forgery vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 6.8 |
2019-05-06 | CVE-2018-4065 | Cross-site Scripting vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 4.3 |
2019-05-06 | CVE-2018-4069 | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An information disclosure vulnerability exists in the ACEManager authentication functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 5.0 |
2019-05-06 | CVE-2018-4068 | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable information disclosure vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 5.0 |