PT-2018-9785 · Sierra Wireless · Sierra Wireless Airlink Rv50+5

Published

2018-05-04

Updated

2019-10-03

CVE-2018-10251

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers versions prior to 4.4.7 Sierra Wireless AirLink GX450, ES450, RV50, RV50X, MP70, and MP70E routers versions prior to 4.9.3

Description: A vulnerability could allow an unauthenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges.

Recommendations: For Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers, update the firmware to version 4.4.7 or later. For Sierra Wireless AirLink GX450, ES450, RV50, RV50X, MP70, and MP70E routers, update the firmware to version 4.9.3 or later.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862CWE-1188

Related Identifiers

CVE-2018-10251

Affected Products

Sierra Wireless Airlink Es440

Sierra Wireless Airlink Es450

Sierra Wireless Airlink Gx400

Sierra Wireless Airlink Ls300

Sierra Wireless Airlink Mp70

Sierra Wireless Airlink Rv50

PT-2018-9785 · Sierra Wireless · Sierra Wireless Airlink Rv50+5

CVE-2018-10251

Weakness Enumeration

Related Identifiers

Affected Products

References · 3