Lucene search
K

6 matches found

Openbugbounty
Openbugbounty
added 2019/12/29 1:43 p.m.7 views

procurement.nandicounty.go.ke Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1053505 Security Researcher devl00p Helped patch 2889 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting...

6.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2019/05/23 12:0 a.m.5 views

Sierra Wireless AirLink Command Injection (CVE-2018-4061)

A command injection vulnerability exists in Sierra Wireless AirLink. An authenticated attacker can send A specially crafted HTTP request to the affected target host and trigger arbitrary command execution...

9CVSS2.8AI score0.19488EPSS
Exploits3
CVE
CVE
added 2019/05/06 6:0 p.m.71 views

CVE-2018-4061

CVE-2018-4061 is an exploitable OS command injection in ACEManager iplogging.cgi of Sierra Wireless AirLink ES450 FW 4.9.3. An authenticated HTTP request can inject commands, enabling remote code execution (root) via mis-handling of the -z tcpdump flag in iplogging.cgi. Public advisories (Talos/T...

9CVSS8.7AI score0.19488EPSS
Exploits3References4Affected Software1
ThreatPost
ThreatPost
added 2019/05/03 2:36 p.m.108 views

Multiple Sierra Wireless AirLink Routers Open to Remote Code Execution

Sierra Wireless is warning that additional AirLink router models, which are targeted toward IoT applications, are vulnerable to previously-disclosed critical flaws. The vulnerabilities are part of the 11 critical bugs disclosed on Sierra Wireless’ AirLink ES450 LTE router last week – only now,...

9.3CVSS2.8AI score0.28056EPSS
Exploits21References13
0day.today
0day.today
added 2019/04/29 12:0 a.m.89 views

Sierra Wireless AirLink ES450 ACEManager iplogging.cgi Command Injection Exploit

An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can inject arbitrary commands, resulting in arbitrary command execution. An attacker can send an authenticated HTTP reque...

1AI score0.19488EPSS
Exploits3
ThreatPost
ThreatPost
added 2019/04/26 4:12 p.m.278 views

Critical Flaws in Sierra Wireless 5G Gateway Allow RCE, Command Injection

A 5G wireless gateway tailored for industrial internet of things IoT, retail point-of-sale and enterprise redundancy applications is riddled with vulnerabilities, include two critical bugs that allow remote code-execution RCE and arbitrary command-injection. The Sierra Wireless AirLink ES450 LTE...

9.3CVSS0.8AI score0.99965EPSS
Exploits64References14
Rows per page
Query Builder