Sierrawireless: >> Airlink Ls300 Security Vulnerabilities
A buffer overflow exists in the SMS handler API of ALEOS before 4.13.0, 4.9.5, 4.9.4 that may allow code execution as root.
CVSS Score
6.0
EPSS Score
0.0
Published
2020-08-21
Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNET session.
CVSS Score
10.0
EPSS Score
0.0
Published
2015-08-08
Page 2