6 matches found
procurement.nandicounty.go.ke Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1053505 Security Researcher devl00p Helped patch 2889 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting...
Sierra Wireless AirLink Command Injection (CVE-2018-4061)
A command injection vulnerability exists in Sierra Wireless AirLink. An authenticated attacker can send A specially crafted HTTP request to the affected target host and trigger arbitrary command execution...
CVE-2018-4061
CVE-2018-4061 is an exploitable OS command injection in ACEManager iplogging.cgi of Sierra Wireless AirLink ES450 FW 4.9.3. An authenticated HTTP request can inject commands, enabling remote code execution (root) via mis-handling of the -z tcpdump flag in iplogging.cgi. Public advisories (Talos/T...
Multiple Sierra Wireless AirLink Routers Open to Remote Code Execution
Sierra Wireless is warning that additional AirLink router models, which are targeted toward IoT applications, are vulnerable to previously-disclosed critical flaws. The vulnerabilities are part of the 11 critical bugs disclosed on Sierra Wireless’ AirLink ES450 LTE router last week – only now,...
Sierra Wireless AirLink ES450 ACEManager iplogging.cgi Command Injection Exploit
An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can inject arbitrary commands, resulting in arbitrary command execution. An attacker can send an authenticated HTTP reque...
Critical Flaws in Sierra Wireless 5G Gateway Allow RCE, Command Injection
A 5G wireless gateway tailored for industrial internet of things IoT, retail point-of-sale and enterprise redundancy applications is riddled with vulnerabilities, include two critical bugs that allow remote code-execution RCE and arbitrary command-injection. The Sierra Wireless AirLink ES450 LTE...