cbcvebase.
CVE-2017-6044
published 2017-06-30

CVE-2017-6044: An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to…

PriorityP263critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
4.26%
89.8th percentile
An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Several files and directories can be accessed without authentication, which may allow a remote attacker to perform sensitive functions including arbitrary file upload, file download, and device reboot.

Affected

1 ranges
VendorProductVersion rangeFixed in
sierra_wirelessairlink_raven_xe_firmware<= -

Detection & IOCsextracted from sources · hover to see the quote

  • Several files and directories on Sierra Wireless AirLink Raven XE/XT are accessible without authentication — probe for unauthenticated GET/POST requests to device web interface paths (file upload, file download, reboot endpoints) as an indicator of exploitation attempts.
  • The vulnerability is remotely exploitable with no authentication required (CVSS PR:N, UI:N) and public exploits are available — monitor for unauthenticated access attempts to Sierra Wireless AirLink Raven XE (pre-4.0.14) and Raven XT (pre-4.0.11) management interfaces from external/internet-facing sources.
  • Credentials transmitted by affected devices are insufficiently protected and vulnerable to sniffing — monitor for cleartext credential exposure on the network from these devices.
  • ·Sierra Wireless confirmed the insufficiently protected credentials vulnerability (CVE-2017-6046) will NOT be patched — organizations must accept residual risk or implement compensating controls for credential sniffing on these devices.
  • ·Affected firmware versions are: AirLink Raven XE all versions prior to 4.0.14, and AirLink Raven XT all versions prior to 4.0.11 — use firmware version checks to identify vulnerable assets in the environment.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.