Vulnerabilities > Sierrawireless

DATE CVE VULNERABILITY TITLE RISK
2019-05-06 CVE-2018-4071 Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-200
4.0
2019-05-06 CVE-2018-4070 Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-200
4.0
2019-05-06 CVE-2018-4067 Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable information disclosure vulnerability exists in the ACEManager template_load.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-200
4.0
2019-05-06 CVE-2018-4066 Cross-Site Request Forgery (CSRF) vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable cross-site request forgery vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
6.8
2019-05-06 CVE-2018-4065 Cross-site Scripting vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
4.3
2019-05-06 CVE-2018-4063 Unrestricted Upload of File with Dangerous Type vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-434
critical
9.0
2019-05-06 CVE-2018-4062 Use of Hard-coded Credentials vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3.
network
sierrawireless CWE-798
critical
9.3
2019-05-06 CVE-2018-4069 Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An information disclosure vulnerability exists in the ACEManager authentication functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-200
5.0
2019-05-06 CVE-2018-4068 Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable information disclosure vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-200
5.0
2019-05-06 CVE-2018-4061 OS Command Injection vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-78
critical
9.0