Airlink Es450 Firmware Security Vulnerabilities and Issues — Airlink Es450 Firmware CVE List

Lucene search

SierrawirelessAirlink Es450 Firmware

3 matches found

CVE•added 2019/05/06 7:29 p.m.•59 views

CVE-2018-4063

An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated...

9CVSS8.7AI score0.00194EPSS

CVE•added 2019/05/06 6:29 p.m.•56 views

CVE-2018-4061

An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can inject arbitrary commands, resulting in arbitrary command execution. An attacker can send an authenticated HTTP request...

9CVSS8.7AI score0.00258EPSS

CVE•added 2019/05/06 7:29 p.m.•43 views

CVE-2018-4062

A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any...

9.3CVSS7.7AI score0.00306EPSS