Vulnerabilities > Sierrawireless > Airlink Es450

DATE CVE VULNERABILITY TITLE RISK
2019-05-06 CVE-2018-4062 Use of Hard-coded Credentials vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3.
network
sierrawireless CWE-798
critical
 9.3
9.3
2019-05-06 CVE-2018-4069 Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An information disclosure vulnerability exists in the ACEManager authentication functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-200
5.0
5.0
2019-05-06 CVE-2018-4068 Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable information disclosure vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-200
5.0
5.0
2019-05-06 CVE-2018-4061 OS Command Injection vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-78
critical
 9.0
9.0
2015-08-08 CVE-2015-2897 Information Exposure vulnerability in Sierrawireless Aleos
Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNET session.
network
low complexity
sierrawireless CWE-200
critical
 10.0
10