Vulnerabilities > Sierrawireless > Airlink MP ROW Wifi

DATE CVE VULNERABILITY TITLE RISK
2014-01-15 CVE-2013-2820 Improper Authentication vulnerability in Sierrawireless products
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.
network
low complexity
sierrawireless CWE-287
critical
 10.0
10
2014-01-15 CVE-2013-2819 Credentials Management vulnerability in Sierrawireless products
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1) update or (2) reprogramming action.
network
sierrawireless CWE-255
critical
 9.3
9.3