CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-38321
https://notcve.org/view.php?id=CVE-2023-38321
25 Dec 2023 — OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter and client-token. OpenNDS, tal como se usa en Sierra Wireless ALEOS anteriores a 4.17.0.12 y otros productos, permite a atacantes remotos provocar una denegación de servicio (desreferencia de puntero NULL, caída del daemon e interrup... • https://github.com/openNDS/openNDS/blob/master/ChangeLog • CWE-476: NULL Pointer Dereference •
CVSS: 8.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-40465 – Improper input leads to DoS
https://notcve.org/view.php?id=CVE-2023-40465
04 Dec 2023 — Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited from the local area network, resulting in a Denial of Service condition for the captive portal. Varias versiones de ALEOS, incluida ALEOS 4.16.0, incluyen un componente de terceros de código abierto que puede explotarse desde la red de área local, lo que genera una condición de denegación de servicio para el portal cautivo. Several versions of ALEOS, including ALEOS 4.16.0, include an openso... • https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.6KUVtE6w.dpbs • CWE-121: Stack-based Buffer Overflow CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-40464 – Use of hardcoded certificate and private key
https://notcve.org/view.php?id=CVE-2023-40464
04 Dec 2023 — Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. An attacker with access to these items could potentially perform a man in the middle attack between the ACEManager client and ACEManager server. Varias versiones de ALEOS, incluido ALEOS 4.16.0, utilizan un certificado SSL codificado y una clave privada. Un atacante con acceso a estos elementos podría potencialmente realizar un ataque intermediario entre el cliente ACEManager y el servidor ACEManager. Several... • https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.6KUVtE6w.dpbs • CWE-321: Use of Hard-coded Cryptographic Key CWE-798: Use of Hard-coded Credentials •
CVSS: 8.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-40463 – Use of Hard-Coded Credentials
https://notcve.org/view.php?id=CVE-2023-40463
04 Dec 2023 — When configured in debugging mode by an authenticated user with administrative privileges, ALEOS 4.16 and earlier store the SHA512 hash of the common root password for that version in a directory accessible to a user with root privileges or equivalent access. Cuando un usuario autenticado con privilegios administrativos lo configura en modo de depuración, ALEOS 4.16 y versiones anteriores almacenan el hash SHA512 de la contraseña raíz común para esa versión en un directorio accesible para un usuario con pri... • https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.6KUVtE6w.dpbs • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-40462 – Improper input leads to DoS
https://notcve.org/view.php?id=CVE-2023-40462
04 Dec 2023 — The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable. El componente ACEManager de ALEOS 4.16 y versiones anteriores no realiza sanitización de entrada durante la autenticación, lo que podría resultar en una condición de denegaci... • https://lists.debian.org/debian-lts-announce/2023/12/msg00024.html • CWE-617: Reachable Assertion •
CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-40461 – Cross-site scripting vulnerability in ACEManager
https://notcve.org/view.php?id=CVE-2023-40461
04 Dec 2023 — The ACEManager component of ALEOS 4.16 and earlier allows an authenticated user with Administrator privileges to access a file upload field which does not fully validate the file name, creating a Stored Cross-Site Scripting condition. El componente ACEManager de ALEOS 4.16 y versiones anteriores permite que un usuario autenticado con privilegios de administrador acceda a un campo de carga de archivos que no valida completamente el nombre del archivo, creando una condición de Cross-Site Scripting Almacenado.... • https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.6KUVtE6w.dpbs • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-40460 – Improper input leads to DoS
https://notcve.org/view.php?id=CVE-2023-40460
04 Dec 2023 — The ACEManager component of ALEOS 4.16 and earlier does not validate uploaded file names and types, which could potentially allow an authenticated user to perform client-side script execution within ACEManager, altering the device functionality until the device is restarted. El componente ACEManager de ALEOS 4.16 y versiones anteriores no valida los nombres y tipos de archivos cargados, lo que podría permitir a un usuario autenticado realizar la ejecución de scripts del lado del cliente dentro de ACEManager... • https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.5ZcnyPM1.dpbs • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 3CVE-2023-40459 – Improper input leads to DoS
https://notcve.org/view.php?id=CVE-2023-40459
04 Dec 2023 — The ACEManager component of ALEOS 4.16 and earlier does not adequately perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable. El componente ACEManager de ALEOS 4.16 y versiones anteriores no realiza adecuadamente la sanitización de entradas durante la autenticación, lo que podría resultar... • https://packetstorm.news/files/id/181977 • CWE-476: NULL Pointer Dereference •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 1CVE-2022-46650
https://notcve.org/view.php?id=CVE-2022-46650
10 Feb 2023 — Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page. • https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-001 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 0%CPEs: 10EXPL: 1CVE-2022-46649
https://notcve.org/view.php?id=CVE-2022-46649
10 Feb 2023 — Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device. • https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-001 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •