The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSierrawireless Aleos
OSSierrawireless4.10.0 – 4.14.0 (bez)4.5.0 – 4.9.5 (bez)< 4.4.9Sierrawireless Es440
HWSierrawirelesswszystkie wersjeSierrawireless Es450
HWSierrawirelesswszystkie wersjeSierrawireless Gx400
HWSierrawirelesswszystkie wersjeSierrawireless Gx440
HWSierrawirelesswszystkie wersjeSierrawireless Gx450
HWSierrawirelesswszystkie wersjeSierrawireless Ls300
HWSierrawirelesswszystkie wersjeSierrawireless Lx40
HWSierrawirelesswszystkie wersjeSierrawireless Lx60
HWSierrawirelesswszystkie wersjeSierrawireless Mp70
HWSierrawirelesswszystkie wersjeSierrawireless Mp70e
HWSierrawirelesswszystkie wersjeSierrawireless Rv50
HWSierrawirelesswszystkie wersjeSierrawireless Rv50x
HWSierrawirelesswszystkie wersje
Related vulnerabilities
Lack of input sanitization in AceManager of ALEOS before 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitiv...
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 a...
An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless A...
OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to caus...
The ACEManager component of ALEOS 4.16 and earlier does not adequately perform input sanitization dur...