Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Sierra Security Vulnerabilities

cve
cve

CVE-2013-20003

Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave...

8.3CVSS

7.9AI Score

0.003EPSS

2022-02-04 11:15 PM
31
cve
cve

CVE-2017-6042

A Cross-Site Request Forgery issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Affected devices do not verify if a request was intentionally sent by the logged-in user, which may allow an attacker to trick a.....

8.8CVSS

8.5AI Score

0.001EPSS

2017-06-30 03:29 AM
26
cve
cve

CVE-2017-6044

An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Several files and directories can be accessed without authentication, which may allow a remote attacker to perform sensitive...

9.8CVSS

9.2AI Score

0.004EPSS

2017-06-30 03:29 AM
28
cve
cve

CVE-2017-6046

An Insufficiently Protected Credentials issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Sensitive information is insufficiently protected during transmission and vulnerable to sniffing, which could lead to.....

7.5CVSS

7.1AI Score

0.001EPSS

2017-06-30 03:29 AM
30
cve
cve

CVE-2015-2054

CRLF injection vulnerability in export.cfg in the web-based administrative console for Sierra Wireless AirCard 760S, 762S, and 763S allows remote attackers to inject arbitrary headers via CRLF sequences in the save...

7.2AI Score

0.002EPSS

2015-02-23 05:59 PM
15
cve
cve

CVE-2008-3286

SWAT 4 1.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) VERIFYCONTENT or (2) GAMECONFIG command sent to the server before user session initialization, which triggers a NULL pointer dereference; or (3) a GAMESPYRESPONSE command followed by a long RS...

6.8AI Score

0.053EPSS

2008-07-24 05:41 PM
18
cve
cve

CVE-2001-0358

Buffer overflows in Sierra Half-Life build 1573 and earlier allow remote attackers to execute arbitrary code via (1) a long map command, (2) a long exec command, or (3) long input in a configuration...

8.1AI Score

0.048EPSS

2001-06-27 04:00 AM
26
cve
cve

CVE-2001-0359

Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map...

7.9AI Score

0.015EPSS

2001-06-27 04:00 AM
27