Vulnerabilities (CVE)

Filtered by vendor Sierrawireless Subscribe

Filtered by product Airlink Mp70

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-8782	1 Sierrawireless	14 Airlink Es440, Airlink Es450, Airlink Gx400 and 11 more	2022-02-09	7.5 HIGH	9.8 CRITICAL
Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution.
CVE-2019-11855	1 Sierrawireless	13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more	2022-02-09	7.5 HIGH	9.8 CRITICAL
An RPC server is enabled by default on the gateway's LAN of ALEOS before 4.12.0, 4.9.5, and 4.4.9.
CVE-2019-11852	1 Sierrawireless	13 Airlink Es440, Airlink Es450, Airlink Gx400 and 10 more	2022-02-09	6.4 MEDIUM	9.1 CRITICAL
An out-of-bounds reads vulnerability exists in the ACEView Service of ALEOS before 4.13.0, 4.9.5, and 4.4.9. Sensitive information may be disclosed via the ACEviewservice, accessible by default on the LAN.