Sierra Wireless Airlink Raven Xe Firmware vulnerabilities
3 known vulnerabilities affecting sierra_wireless/airlink_raven_xe_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2017-6044P2CRITICALCVSS 9.8≤ -2017-06-30
CVE-2017-6044 [CRITICAL] CWE-285 CVE-2017-6044: An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions pri
An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Several files and directories can be accessed without authentication, which may allow a remote attacker to perform sensitive functions including arbitrary file upload, file download, an
nvd
CVE-2017-6042P3HIGHCVSS 8.8≤ -2017-06-30
CVE-2017-6042 [HIGH] CWE-352 CVE-2017-6042: A Cross-Site Request Forgery issue was discovered in Sierra Wireless AirLink Raven XE, all versions
A Cross-Site Request Forgery issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Affected devices do not verify if a request was intentionally sent by the logged-in user, which may allow an attacker to trick a client into making an unintentional request to the web ser
nvd
CVE-2017-6046P3HIGHCVSS 7.5≤ -2017-06-30
CVE-2017-6046 [HIGH] CWE-522 CVE-2017-6046: An Insufficiently Protected Credentials issue was discovered in Sierra Wireless AirLink Raven XE, al
An Insufficiently Protected Credentials issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Sensitive information is insufficiently protected during transmission and vulnerable to sniffing, which could lead to information disclosure.
nvd