Vulnerabilities > Sierrawireless > Aleos > 4.4.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-10 | CVE-2022-46650 | Information Exposure vulnerability in Sierrawireless Aleos Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page. | 4.9 |
2020-08-21 | CVE-2019-11859 | Classic Buffer Overflow vulnerability in Sierrawireless Aleos A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root. | 8.8 |
2020-08-21 | CVE-2019-11858 | Classic Buffer Overflow vulnerability in Sierrawireless Aleos Multiple buffer overflow vulnerabilities exist in the AceManager Web API of ALEOS before 4.13.0, 4.9.5, and 4.4.9. | 7.2 |
2020-08-21 | CVE-2019-11857 | Improper Input Validation vulnerability in Sierrawireless Aleos Lack of input sanitization in AceManager of ALEOS before 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitive system information. | 4.9 |
2020-08-21 | CVE-2019-11856 | Authentication Bypass by Capture-replay vulnerability in Sierrawireless Aleos A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. | 3.8 |
2020-08-21 | CVE-2019-11855 | Unspecified vulnerability in Sierrawireless Aleos An RPC server is enabled by default on the gateway's LAN of ALEOS before 4.12.0, 4.9.5, and 4.4.9. | 9.8 |
2020-08-21 | CVE-2019-11853 | Command Injection vulnerability in Sierrawireless Aleos Several potential command injections vulnerabilities exist in the AT command interface of ALEOS before 4.11.0, and 4.9.4. | 7.2 |
2020-08-21 | CVE-2019-11852 | Out-of-bounds Read vulnerability in Sierrawireless Aleos An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS before 4.13.0, 4.9.5, and 4.4.9. | 9.1 |
2020-08-21 | CVE-2019-11850 | Out-of-bounds Write vulnerability in Sierrawireless Aleos A stack overflow vulnerabiltity exist in the AT command interface of ALEOS before 4.11.0. | 6.7 |
2020-08-21 | CVE-2019-11849 | Out-of-bounds Write vulnerability in Sierrawireless Aleos A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS before 4.11.0. | 6.7 |