CVE-2018-10251
First published: Fri May 04 2018(Updated: )
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9.3 could allow an unauthenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sierra Wireless ALEOS | <4.4.7 | |
| Sierra Wireless ES440 | ||
| Sierra Wireless Gx400 | ||
| Sierra Wireless GX440 | ||
| Sierra Wireless LS300 | ||
| Sierra Wireless ALEOS | <4.9.3 | |
| Sierra Wireless AirLink ES450 | ||
| Sierra Wireless AirLink GX450 | ||
| Sierra Wireless AirLink MP70 | ||
| Sierra Wireless MP70e | ||
| Sierra Wireless RV50 Firmware | ||
| Sierra Wireless AirLink RV50X |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2018-10251?
CVE-2018-10251 is a vulnerability in Sierra Wireless AirLink routers that could allow an attacker to execute arbitrary code and gain full control of the affected device.
Which Sierra Wireless AirLink routers are affected by CVE-2018-10251?
Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7, as well as GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9.3 are affected by CVE-2018-10251.
How severe is CVE-2018-10251?
CVE-2018-10251 has a severity rating of 9.8, which is considered critical.
What is the Common Weakness Enumeration (CWE) ID for CVE-2018-10251?
The Common Weakness Enumeration (CWE) ID for CVE-2018-10251 is CWE-1188 and CWE-862.
Is there a fix available for CVE-2018-10251?
Yes, a fix is available for CVE-2018-10251. Users should update their firmware to version 4.4.7 or later for affected GX400, GX440, ES440, and LS300 routers, and version 4.9.3 or later for affected GX450, ES450, RV50, RV50X, MP70, and MP70E routers.
- agent/weakness
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/sierrawireless
- canonical/sierra wireless aleos
- canonical/sierra wireless es440
- canonical/sierra wireless gx400
- canonical/sierra wireless gx440
- canonical/sierra wireless ls300
- canonical/sierra wireless airlink es450
- canonical/sierra wireless airlink gx450
- canonical/sierra wireless airlink mp70
- canonical/sierra wireless mp70e
- canonical/sierra wireless rv50 firmware
- canonical/sierra wireless airlink rv50x