CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 1CVE-2018-4064 – Sierra Wireless AirLink ES450 ACEManager upload.cgi Unverified Password Change
https://notcve.org/view.php?id=CVE-2018-4064
An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a unverified device configuration change, resulting in an unverified change of the user password on the device. An attacker can make an authenticated HTTP request to trigger this vulnerability. Se presenta una vulnerabilidad de cambio de contraseña no comprobado explotable en la funcionalidad ACEManager upload.cgi de Sierra Wireless AirLink ES450 FW versión 4.9.3. Una petición HTTP especialmente diseñada puede causar un cambio no comprobado en la configuración del dispositivo, resultando en un cambio no comprobado de la contraseña del usuario en el dispositivo. • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0749 • CWE-287: Improper Authentication •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2018-4061 – Sierra Wireless AirLink ES450 ACEManager iplogging.cgi Command Injection
https://notcve.org/view.php?id=CVE-2018-4061
An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can inject arbitrary commands, resulting in arbitrary command execution. An attacker can send an authenticated HTTP request to trigger this vulnerability. Existe una vulnerabilidad de inyección de comandos explotable en la funcionalidad iplogging.cgi de ACEManager de Sierra Wireless AirLink ES450 FW 4.9.3. Una petición HTTP especialmente diseñada puede inyectar comandos arbitrarios, lo que resulta en una ejecución arbitraria de los mismos. • http://packetstormsecurity.com/files/152646/Sierra-Wireless-AirLink-ES450-ACEManager-iplogging.cgi-Command-Injection.html http://www.securityfocus.com/bid/108147 https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03 https://talosintelligence.com/vulnerability_reports/TALOS-2018-0746 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 12EXPL: 0CVE-2018-10251
https://notcve.org/view.php?id=CVE-2018-10251
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9.3 could allow an unauthenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. Una vulnerabilidad en los routers Sierra Wireless AirLink GX400, GX440, ES440 y LS300 con firmware en versiones anteriores a la 4.4.7 y los routers GX450, ES450, RV50, RV50X, MP70 y MP70E con firmware en versiones anteriores a la 4.9.3 podría permitir que un atacante remoto no autenticado ejecute código arbitrario y obtenga el control total de un sistema afectado, incluyendo el envío de comandos con privilegios root. • https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---cve-2018-10251 • CWE-862: Missing Authorization CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 9.0EPSS: 0%CPEs: 20EXPL: 0CVE-2017-15043
https://notcve.org/view.php?id=CVE-2017-15043
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.5 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9 could allow an authenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. This vulnerability is due to insufficient input validation on user-controlled input in an HTTP request to the targeted device. An attacker in possession of router login credentials could exploit this vulnerability by sending a crafted HTTP request to an affected system. Una vulnerabilidad en los routers Sierra Wireless AirLink GX400, GX440, ES440 y LS300 con firmware en versiones anteriores a la 4.4.5 y los routers GX450, ES450, RV50, RV50X, MP70 y MP70E con firmware en versiones anteriores a la 4.9 podría permitir que un atacante remoto autenticado ejecute código arbitrario y obtenga el control total de un sistema afectado, incluyendo el envío de comandos con privilegios root. La vulnerabilidad se debe a la validación de entradas insuficiente en las entradas controladas por el usuario en una petición HTTP al dispositivo objetivo. • https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/swi-psa-2018-003-technical-bulletin-reaper • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-9247
https://notcve.org/view.php?id=CVE-2017-9247
Multiple unquoted service path vulnerabilities in Sierra Wireless Windows Mobile Broadband Driver Package (MBDP) with build ID < 4657 allows local users to launch processes with elevated privileges. Múltiples vulnerabilidades ruta de servicio sin entrecomillar en Mobile Broadband Driver Package (MBDP) de Sierra Wireless Windows con ID de compilación menor a 4657, permite a los usuarios locales iniciar procesos con privilegios elevados. • http://support.lenovo.com/us/en/product_security/LEN-12739 https://source.sierrawireless.com/resources/airprime/software/cve-2017-9247-unquoted-service-path-vulnerabilities • CWE-428: Unquoted Search Path or Element •