Latest sierrawireless rv50x Vulnerabilities

CVE-2023-38321
OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) ...
Sierrawireless Aleos<4.17.0.12
Sierrawireless Lx40
Sierrawireless Lx60
Sierrawireless Mp70
Sierrawireless Rv50x
Sierrawireless Rv55
CVE-2023-40465
Improper input leads to DoS
Sierrawireless Aleos<=4.16.0
Sierrawireless Es450
Sierrawireless Gx450
Sierrawireless Lx40
Sierrawireless Lx60
Sierrawireless Mp70
and 2 more
CVE-2023-40464
Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. An attacker with access to these items could potentially perform a man in the middle...
Sierrawireless Aleos<=4.16.0
Sierrawireless Es450
Sierrawireless Gx450
Sierrawireless Lx40
Sierrawireless Lx60
Sierrawireless Mp70
and 2 more
CVE-2023-40463
Use of Hard-Coded Credentials
Sierrawireless Aleos<=4.16.0
Sierrawireless Es450
Sierrawireless Gx450
Sierrawireless Lx40
Sierrawireless Lx60
Sierrawireless Mp70
and 2 more
CVE-2023-40462
Improper input leads to DoS
Sierra OT/IoT routers
Sierra Wireless AirLink cellular routers
OpenNDS open Network Demarcation Service
Sierrawireless Aleos<=4.16.0
Sierrawireless Es450
and 7 more
CVE-2023-40461
Cross-site scripting vulnerability in ACEManager
Sierrawireless Aleos<=4.16.0
Sierrawireless Es450
Sierrawireless Gx450
Sierrawireless Lx40
Sierrawireless Lx60
Sierrawireless Mp70
and 2 more
CVE-2023-40460
Improper input leads to DoS
Sierrawireless Aleos<=4.16.0
Sierrawireless Es450
Sierrawireless Gx450
Sierrawireless Lx40
Sierrawireless Lx60
Sierrawireless Mp70
and 2 more
CVE-2023-40459
Improper input leads to DoS
Sierrawireless Aleos<=4.16.0
Sierrawireless Es450
Sierrawireless Gx450
Sierrawireless Lx40
Sierrawireless Lx60
Sierrawireless Mp70
and 2 more
CVE-2022-46650
Acemanager in ALEOS before version 4.16 allows a user with valid credentials to reconfigure the device to expose the ACEManager credentials on the pre-login status page.
Sierrawireless Aleos<=4.9.7
Sierrawireless Es450
Sierrawireless Gx450
Sierrawireless Aleos<=4.16.0
Sierrawireless Lx40
Sierrawireless Lx60
and 4 more
CVE-2022-46649
Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device.
Sierrawireless Aleos<=4.9.7
Sierrawireless Es450
Sierrawireless Gx450
Sierrawireless Aleos<=4.16.0
Sierrawireless Lx40
Sierrawireless Lx60
and 4 more
CVE-2019-11851
The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overf...
Sierrawireless Aleos>=4.10.0<4.14.0
Sierrawireless Lx40
Sierrawireless Lx60
Sierrawireless Mp70
Sierrawireless Mp70e
Sierrawireless Rv50
and 9 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203