Vulnerabilities > Sierrawireless > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-05-06 CVE-2018-4065 Cross-site Scripting vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-79
6.1
6.1
2019-05-06 CVE-2018-4068 Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3
An exploitable information disclosure vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3.
network
low complexity
sierrawireless CWE-200
5.3
5.3
2016-04-21 CVE-2015-6479 Unspecified vulnerability in Sierrawireless Aleos
ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspecified vectors.
network
low complexity
sierrawireless
4.3
4.3