Known Vulnerabilities for products from Sierawireless
Listed below are 12 of the newest known vulnerabilities associated with the vendor "Sierawireless".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-8782 | Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution. | 9.8 - CRITICAL | 2020-10-06 | 2022-02-09 |
| CVE-2020-8781 | Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-privileg... | 7.8 - HIGH | 2020-10-06 | 2022-02-09 |
| CVE-2019-11859 | A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root. | 8.8 - HIGH | 2020-08-21 | 2022-02-09 |
| CVE-2019-11858 | Multiple buffer overflow vulnerabilities exist in the AceManager Web API of ALEOS before 4.13.0, 4.9.5, and 4.4.9. | 7.2 - HIGH | 2020-08-21 | 2022-02-09 |
| CVE-2019-11857 | Lack of input sanitization in AceManager of ALEOS before 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitive system inform... | 4.9 - MEDIUM | 2020-08-21 | 2022-02-09 |
| CVE-2019-11856 | A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. C... | 3.8 - LOW | 2020-08-21 | 2022-02-09 |
| CVE-2019-11855 | An RPC server is enabled by default on the gateway's LAN of ALEOS before 4.12.0, 4.9.5, and 4.4.9. | 9.8 - CRITICAL | 2020-08-21 | 2022-02-09 |
| CVE-2019-11853 | Several potential command injections vulnerabilities exist in the AT command interface of ALEOS before 4.11.0, and 4.9.4. | 7.2 - HIGH | 2020-08-21 | 2022-02-09 |
| CVE-2019-11852 | An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS before 4.13.0, 4.9.5, and 4.4.9. Sensitive inform... | 9.1 - CRITICAL | 2020-08-21 | 2022-02-09 |
| CVE-2019-11850 | A stack overflow vulnerabiltity exist in the AT command interface of ALEOS before 4.11.0. The vulnerability may allow code ex... | 6.7 - MEDIUM | 2020-08-21 | 2022-02-09 |
| CVE-2019-11849 | A stack overflow vulnerabiltity exists in the AT command APIs of ALEOS before 4.11.0. The vulnerability may allow code execut... | 6.7 - MEDIUM | 2020-08-21 | 2022-02-09 |
| CVE-2019-11848 | An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking w... | 7.2 - HIGH | 2020-08-21 | 2022-02-09 |