sierrawireless

Top products

The 15 most recently published vulnerabilities affecting sierrawireless.

• CVE-2023-38321OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outag...7.5Dec 25, 2023
• CVE-2023-40465Improper input leads to DoS8.3Dec 4, 2023
• CVE-2023-40464Use of hardcoded certificate and private key8.1Dec 4, 2023
• CVE-2023-40463Use of Hard-Coded Credentials8.1Dec 4, 2023
• CVE-2023-40462Improper input leads to DoS7.5Dec 4, 2023
• CVE-2023-40461Cross-site scripting vulnerability in ACEManager8.1Dec 4, 2023
• CVE-2023-40460Improper input leads to DoS7.1Dec 4, 2023
• CVE-2023-40459Improper input leads to DoS7.5Dec 4, 2023
• CVE-2023-40458AceManager DOS Vulnerability7.5Nov 29, 2023
• CVE-2022-46650Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page.4.9Feb 10, 2023
• CVE-2022-46649Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device.8.8Feb 10, 2023
• CVE-2020-11101Sierra Wireless AirLink Mobility Manager (AMM) before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges.9.8Dec 26, 2022
• CVE-2019-13988Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request (aka Forced Browsing).6.5Dec 26, 2022
• CVE-2019-11851The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer ov...9.8Dec 26, 2022
• CVE-2020-8782ALEOS LAN-Side RPC Service Remote Code Execution7.5Oct 6, 2020