Vulnerabilities > Sierrawireless
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-10 | CVE-2022-46650 | Information Exposure vulnerability in Sierrawireless Aleos Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page. | 4.9 |
| 2022-12-26 | CVE-2019-11851 | Classic Buffer Overflow vulnerability in Sierrawireless Aleos The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow. | 9.8 |
| 2022-12-26 | CVE-2019-13988 | Unspecified vulnerability in Sierrawireless Mgos Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request (aka Forced Browsing). low complexity sierrawireless | 6.5 |
| 2022-12-26 | CVE-2020-11101 | Unspecified vulnerability in Sierrawireless Airlink Mobility Manager Sierra Wireless AirLink Mobility Manager (AMM) before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges. | 9.8 |
| 2020-10-06 | CVE-2020-8782 | Unspecified vulnerability in Sierrawireless Aleos Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution. | 9.8 |
| 2020-10-06 | CVE-2020-8781 | Unspecified vulnerability in Sierrawireless Aleos Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-privilege process. | 7.8 |
| 2020-08-21 | CVE-2019-11862 | Unspecified vulnerability in Sierrawireless Aleos The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying. | 8.4 |
| 2020-08-21 | CVE-2019-11859 | Classic Buffer Overflow vulnerability in Sierrawireless Aleos A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root. | 8.8 |
| 2020-08-21 | CVE-2019-11858 | Classic Buffer Overflow vulnerability in Sierrawireless Aleos Multiple buffer overflow vulnerabilities exist in the AceManager Web API of ALEOS before 4.13.0, 4.9.5, and 4.4.9. | 7.2 |
| 2020-08-21 | CVE-2019-11857 | Improper Input Validation vulnerability in Sierrawireless Aleos Lack of input sanitization in AceManager of ALEOS before 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitive system information. | 4.9 |