CVE-2017-6044

Name of the Vulnerable Software and Affected Versions Sierra Wireless AirLink Raven XE versions prior to 4.0.14 Sierra Wireless AirLink Raven XT versions prior to 4.0.11

Description An issue with improper authorization was found, allowing several files and directories to be accessed without authentication. This could enable a remote attacker to perform sensitive functions, including arbitrary file upload, file download, and device reboot.

Recommendations For Sierra Wireless AirLink Raven XE versions prior to 4.0.14, update to version 4.0.14 or later to resolve the issue. For Sierra Wireless AirLink Raven XT versions prior to 4.0.11, update to version 4.0.11 or later to resolve the issue.