Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.5 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9 could allow an authenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. This vulnerability is due to insufficient input validation on user-controlled input in an HTTP request to the targeted device. An attacker in possession of router login credentials could exploit this vulnerability by sending a crafted HTTP request to an affected system.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Sierra Wireless产品安全漏洞
Vulnerability Description
Sierra Wireless AirLink GX400等都是加拿大Sierra Wireless公司的路由器产品。 多款Sierra Wireless产品中存在安全漏洞,该漏洞源于程序没有对HTTP请求中用户控制的输入执行充分的输入校验。攻击者可通过向受影响系统发送特制的HTTP请求利用该漏洞执行任意代码并完全控制受影响的系统(包括以root权限发布命令)。以下产品和版本受到影响:使用4.4.5之前版本固件的Sierra Wireless AirLink GX400;使用4.4.5之前版本固件的Sie
CVSS Information
N/A
Vulnerability Type
N/A