Vulnerabilities > Sierrawireless > Airlink Es450
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-21 | CVE-2019-11847 | Improper Privilege Management vulnerability in Sierrawireless Aleos An improper privilege management vulnerabitlity exists in ALEOS before 4.11.0, 4.9.4 and 4.4.9. | 7.2 |
| 2019-10-31 | CVE-2018-4064 | Improper Authentication vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 5.5 |
| 2019-05-06 | CVE-2018-4073 | Incorrect Permission Assignment for Critical Resource vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 6.5 |
| 2019-05-06 | CVE-2018-4072 | Incorrect Permission Assignment for Critical Resource vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 6.5 |
| 2019-05-06 | CVE-2018-4071 | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 4.0 |
| 2019-05-06 | CVE-2018-4070 | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 4.0 |
| 2019-05-06 | CVE-2018-4067 | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable information disclosure vulnerability exists in the ACEManager template_load.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 4.0 |
| 2019-05-06 | CVE-2018-4066 | Cross-Site Request Forgery (CSRF) vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable cross-site request forgery vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 6.8 |
| 2019-05-06 | CVE-2018-4065 | Cross-site Scripting vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 4.3 |
| 2019-05-06 | CVE-2018-4063 | Unrestricted Upload of File with Dangerous Type vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 9.0 |