The ACEManager component of ALEOS 4.16 and earlier does not adequately perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HSierrawireless Aleos
OSSierrawireless≤ 4.16.0Sierrawireless Es450
HWSierrawirelesswszystkie wersjeSierrawireless Gx450
HWSierrawirelesswszystkie wersjeSierrawireless Lx40
HWSierrawirelesswszystkie wersjeSierrawireless Lx60
HWSierrawirelesswszystkie wersjeSierrawireless Mp70
HWSierrawirelesswszystkie wersjeSierrawireless Rv50x
HWSierrawirelesswszystkie wersjeSierrawireless Rv55
HWSierrawirelesswszystkie wersje
Powiązane podatności
The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through...
Lack of input sanitization in AceManager of ALEOS before 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitiv...
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 a...
An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless A...
OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to caus...