15 matches found
CVE-2019-11851
The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow...
Linux Distros Unpatched Vulnerability : CVE-2023-40458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Sierra Wireless, Inc ALEOS could potentially allow a remote attacker to trigger a Denial o...
DEBIAN-CVE-2023-38321
OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service NULL pointer dereference, daemon crash, and Captive Portal outage via a GET request to /openndsauth/ that lacks a custom query string parameter and client-token...
openNDS Security Vulnerabilities
openNDS is a high-performance, small footprint portal system open sourced from openNDS. A security vulnerability exists in openNDS that stems from a null pointer dereference issue that results in a denial of service DOS in products that use OpenNDS, such as Sierra Wireless ALEOS versions prior to...
CVE-2023-38321
OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service NULL pointer dereference, daemon crash, and Captive Portal outage via a GET request to /openndsauth/ that lacks a custom query string parameter and client-token...
CVE-2023-38321
OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service NULL pointer dereference, daemon crash, and Captive Portal outage via a GET request to /openndsauth/ that lacks a custom query string parameter and client-token...
Sierra Wireless ALEOS Code Issue Vulnerability
Sierra Wireless ALEOS AAF is a framework for creating applications in Sierra Wireless AirLink gateways from Sierra Wireless Canada. A code issue vulnerability exists in Sierra Wireless ALEOS 4.16 and prior versions that stems from a denial of service DOS vulnerability in the ACEManager component...
Sierra Wireless ALEOS Trust Management Issue Vulnerability
Sierra Wireless ALEOS AAF is a framework for creating applications in Sierra Wireless AirLink gateways from Sierra Wireless Canada. A vulnerability with trust management issues exists in Sierra Wireless ALEOS 4.16 and prior versions, which stems from a user being able to gain root privileges or...
CVE-2023-40458
Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Sierra Wireless, Inc ALEOS could potentially allow a remote attacker to trigger a Denial of Service DoS condition for ACEManager without impairing other router functions. This condition is cleared by restarting the device...
CVE-2023-40458
Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Sierra Wireless, Inc ALEOS could potentially allow a remote attacker to trigger a Denial of Service DoS condition for ACEManager without impairing other router functions. This condition is cleared by restarting the device...
PT-2023-7919 · Sierra Wireless · Aleos
Name of the Vulnerable Software and Affected Versions: Sierra Wireless, Inc ALEOS affected versions not specified Description: The issue is related to a Loop with Unreachable Exit Condition, also known as an 'Infinite Loop', which could potentially allow a remote attacker to trigger a Denial of...
CVE-2019-11851
The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow...
CVE-2019-11851
The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow...
CVE-2015-6479
CVE-2015-6479 affects Sierra Wireless ACEmanager in ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300. It is a remote information-disclosure vulnerability that allows reading the filteredlogs.txt file, potentially exposing boot-sequence details. The issue is due to access to...
CVE-2015-6479
ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS300 devices allows remote attackers to read the filteredlogs.txt file, and consequently discover potentially sensitive boot-sequence information, via unspecified vectors...