CVE-2017-6044
First published: Fri Jun 30 2017(Updated: )
An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Several files and directories can be accessed without authentication, which may allow a remote attacker to perform sensitive functions including arbitrary file upload, file download, and device reboot.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sierra Wireless Airlink Raven Xe Firmware | <=- | |
| Sierra Wireless AirLink Raven XE | ||
| Sierra Wireless Airlink Raven Xt Firmware | ||
| Sierra Wireless Airlink Raven Xt |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sierra wireless
- canonical/sierra wireless airlink raven xe firmware
- version/sierra wireless airlink raven xe firmware/-
- canonical/sierra wireless airlink raven xe
- canonical/sierra wireless airlink raven xt firmware
- canonical/sierra wireless airlink raven xt