4 matches found
CVE-2022-46649
Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device...
CVE-2022-46649
creationtimestamp| type| source ---|---|--- 2023-02-10 11:50:07+00:00| seen| https://t.me/truesecator/4051 2023-02-10 20:32:34+00:00| seen| https://t.me/cibsecurity/57934 2025-03-24 16:23:09+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8475 2026-04-25 09:00:05+00:00|...
CVE-2022-46649
CVE-2022-46649 affects Acemanager in ALEOS prior to 4.16. An authenticated user can manipulate the IP logging operation to execute arbitrary shell commands on the device. Public material (e.g., Red Hat, NVD, Trellix blogs) confirms an authenticated command-injection vector with CVSS v3.1 base sco...
Sierra Wireless AirLink Router with ALEOS Software
1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Sierra Wireless Equipment: AirLink Router with ALEOS Software Vulnerabilities: Improper Neutralization of Argument Delimiters in a Command, Exposure of Sensitive Information to an Unauthorized Actor 2...