Lucene search
K

4 matches found

The Hacker News
The Hacker News
added 2025/12/13 12:33 p.m.8 views

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added a high-severity flaw impacting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation in the wild. CVE-2018-4063 CVSS score: 8.8/9.9 refers to...

9.8CVSS7.7AI score0.99698EPSS
Exploits33
CISA
CISA
added 2025/12/12 12:0 p.m.6 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2018-4063link is external Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability This type of vulnerability is a frequent...

9CVSS6.9AI score0.27851EPSS
In wildExploits3References6
CISA KEV Catalog
CISA KEV Catalog
added 2025/12/12 12:0 a.m.5 views

Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability

Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger...

9CVSS7.1AI score0.27851EPSS
In wildExploits3
ICS
ICS
added 2019/05/02 12:0 a.m.244 views

Sierra Wireless AirLink ALEOS (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: Sierra Wireless Equipment: AirLink ALEOS Vulnerabilities: OS Command Injection, Use of Hard-coded Credentials, Unrestricted Upload of File with Dangerous Type,...

9.3CVSS9.2AI score0.27851EPSS
Exploits21References4
Rows per page
Query Builder