6 matches found
CVE-2018-4066
An exploitable cross-site request forgery vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an authenticated user to perform privileged requests unknowingly, resulting in unauthenticated requests being...
CVE-2018-4066
An exploitable cross-site request forgery vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an authenticated user to perform privileged requests unknowingly, resulting in unauthenticated requests being...
CVE-2018-4066
Sierra Wireless AirLink ES450 FW 4.9.3 exposes a CSRF vulnerability in ACEManager (CVE-2018-4066) that can force an authenticated user to perform privileged actions, effectively triggering authenticated-page requests on behalf of the user. The issue is documented across TI sources (Talos TALOS-20...
CVE-2018-4066
An exploitable cross-site request forgery vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an authenticated user to perform privileged requests unknowingly, resulting in unauthenticated requests being...
Sierra Wireless AirLink ES450 ACEManager Cross Site Request Forgery Vulnerability
An exploitable cross-site request forgery vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an authenticated user to perform privileged requests unknowingly, resulting in unauthenticated requests being...
Sierra Wireless AirLink ES450 ACEManager Cross Site Request Forgery
Talos Vulnerability Report TALOS-2018-0751 Sierra Wireless AirLink ES450 ACEManager Cross-Site Request Forgery Vulnerability April 25, 2019 CVE Number CVE-2018-4066 Summary An exploitable cross-site request forgery vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink...