NotCVE - vendor:"Sierrawireless"

Page 3 of 56 results (0.003 seconds)

CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1

CVE-2022-46649

https://notcve.org/view.php?id=CVE-2022-46649

Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device. • https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-001 https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-04 https://www.otorio.com/blog/airlink-acemanager-vulnerabilities • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-11101

https://notcve.org/view.php?id=CVE-2020-11101

Sierra Wireless AirLink Mobility Manager (AMM) before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges. Sierra Wireless AirLink Mobility Manager (AMM) anterior a 2.17 maneja mal las sesiones y, por lo tanto, un atacante no autenticado puede obtener una sesión de inicio de sesión con privilegios de administrador. • https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2020-007---amm-unauthenticated-login.ashx https://www.sierrawireless.com/company/security •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2019-13988

https://notcve.org/view.php?id=CVE-2019-13988

Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request (aka Forced Browsing). Sierra Wireless MGOS anteriores a 3.15.2 y 4.x anteriores a 4.3 permite a los atacantes leer archivos de registro mediante una solicitud directa (también conocida como navegación forzada). • https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2020-006---mgos-security-update.ashx https://www.sierrawireless.com/company/security •

CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 0

CVE-2019-11851

https://notcve.org/view.php?id=CVE-2019-11851

The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow. El servicio ACENet en Sierra Wireless ALEOS anteriores a 4.4.9, 4.5.x a 4.9.x anteriores a 4.9.5 y 4.10.x a 4.13.x anteriores a 4.14.0 permite a atacantes remotos ejecutar código arbitrario mediante un desbordamiento de búfer. • http://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2021-001.ashx https://www.sierrawireless.com/company/security • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.8EPSS: 0%CPEs: 16EXPL: 0

CVE-2020-8782 – ALEOS LAN-Side RPC Service Remote Code Execution

https://notcve.org/view.php?id=CVE-2020-8782

Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution. Sierra Wireless ALEOS versiones hasta 4.4.8, versiones hasta 4.9.4 y versiones hasta 4.11, permite una ejecución de código remota • https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2020-005 •

1 2 3 4 5