CVSS: 9.3EPSS: 1%CPEs: 2EXPL: 2CVE-2018-4062 – Sierra Wireless AirLink ES450 SNMPD Hard-Coded Credentials
https://notcve.org/view.php?id=CVE-2018-4062
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability. Existe una vulnerabilidad de credenciales embebidas en la función snmpd del Sierra Wireless AirLink ES450 FW 4.9.3. La activación de snmpd fuera de la interfaz WebUI puede causar la activación de las credenciales embebidas, que dará como resultado la exposición de un usuario privilegiado. • http://packetstormsecurity.com/files/152647/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html http://www.securityfocus.com/bid/108147 https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03 https://talosintelligence.com/vulnerability_reports/TALOS-2018-0747 • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2018-4063 – Sierra Wireless AirLink ES450 ACEManager upload.cgi Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-4063
An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability. Existe una vulnerabilidad explotable de ejecución remota de código en la funcionalidad upload.cgi de Sierra Wireless AirLink ES450 FW 4.9.3. Una petición HTTP especialmente diseñada puede permitir cargar un archivo, que daría como resultado que el código ejecutable se cargue y se pueda enrutar en el servidor web. • http://packetstormsecurity.com/files/152648/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html http://www.securityfocus.com/bid/108147 https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03 https://talosintelligence.com/vulnerability_reports/TALOS-2018-0748 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2018-4065 – Sierra Wireless AirLink ES450 ACEManager ping_result.cgi Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-4065
An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the victim's browser. An attacker can get a victim to click a link, or embedded URL, that redirects to the reflected cross-site scripting vulnerability to trigger this vulnerability. Existe una vulnerabilidad de Corss-Site Scripting explotable en la funcionalidad ACEManager ping_result.cgi de Sierra Wireless AirLink ES450 FW 4.9.3. Una petición HTTP especialmente creado puede causar la ejecución de código javascript reflejado, resultando en la ejecución de código javascript en el navegador del víctima. • http://packetstormsecurity.com/files/152650/Sierra-Wireless-AirLink-ES450-ACEManager-ping_result.cgi-Cross-Site-Scripting.html http://www.securityfocus.com/bid/108147 https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03 https://talosintelligence.com/vulnerability_reports/TALOS-2018-0750 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 1CVE-2018-4064 – Sierra Wireless AirLink ES450 ACEManager upload.cgi Unverified Password Change
https://notcve.org/view.php?id=CVE-2018-4064
An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a unverified device configuration change, resulting in an unverified change of the user password on the device. An attacker can make an authenticated HTTP request to trigger this vulnerability. Se presenta una vulnerabilidad de cambio de contraseña no comprobado explotable en la funcionalidad ACEManager upload.cgi de Sierra Wireless AirLink ES450 FW versión 4.9.3. Una petición HTTP especialmente diseñada puede causar un cambio no comprobado en la configuración del dispositivo, resultando en un cambio no comprobado de la contraseña del usuario en el dispositivo. • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0749 • CWE-287: Improper Authentication •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2018-4061 – Sierra Wireless AirLink ES450 ACEManager iplogging.cgi Command Injection
https://notcve.org/view.php?id=CVE-2018-4061
An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can inject arbitrary commands, resulting in arbitrary command execution. An attacker can send an authenticated HTTP request to trigger this vulnerability. Existe una vulnerabilidad de inyección de comandos explotable en la funcionalidad iplogging.cgi de ACEManager de Sierra Wireless AirLink ES450 FW 4.9.3. Una petición HTTP especialmente diseñada puede inyectar comandos arbitrarios, lo que resulta en una ejecución arbitraria de los mismos. • http://packetstormsecurity.com/files/152646/Sierra-Wireless-AirLink-ES450-ACEManager-iplogging.cgi-Command-Injection.html http://www.securityfocus.com/bid/108147 https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03 https://talosintelligence.com/vulnerability_reports/TALOS-2018-0746 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •