PT-2018-9785 · Sierra Wireless · Sierra Wireless Airlink Rv50+5

Publicado

2018-05-04

Atualizado

2019-10-03

CVE-2018-10251

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers versions prior to 4.4.7 Sierra Wireless AirLink GX450, ES450, RV50, RV50X, MP70, and MP70E routers versions prior to 4.9.3

Description: A vulnerability could allow an unauthenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges.

Recommendations: For Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers, update the firmware to version 4.4.7 or later. For Sierra Wireless AirLink GX450, ES450, RV50, RV50X, MP70, and MP70E routers, update the firmware to version 4.9.3 or later.

Correção

Missing Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-862CWE-1188

Identificadores relacionados

CVE-2018-10251

Produtos afetados

Sierra Wireless Airlink Es440

Sierra Wireless Airlink Es450

Sierra Wireless Airlink Gx400

Sierra Wireless Airlink Ls300

Sierra Wireless Airlink Mp70

Sierra Wireless Airlink Rv50

PT-2018-9785 · Sierra Wireless · Sierra Wireless Airlink Rv50+5

CVE-2018-10251

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3