Multiple vulnerabilities in Sierra Wireless AirLink Router with ALEOS Software
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2022-46649 CVE-2022-46650 |
| CWE-ID | CWE-88 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Airlink Router ES450 Hardware solutions / Routers & switches, VoIP, GSM, etc Airlink Router GX450 Hardware solutions / Routers & switches, VoIP, GSM, etc Airlink Router MP70 Hardware solutions / Routers & switches, VoIP, GSM, etc Airlink Router RV50 Hardware solutions / Routers & switches, VoIP, GSM, etc Airlink Router RV50x Hardware solutions / Routers & switches, VoIP, GSM, etc Airlink Router RV55 Hardware solutions / Routers & switches, VoIP, GSM, etc Airlink Router LX 40 Hardware solutions / Routers & switches, VoIP, GSM, etc Airlink Router LX60 Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | Sierra Wireless |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Improper Neutralization of Argument Delimiters in a Command
EUVDB-ID: #VU71592
Risk: Medium
CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-46649
CWE-ID:
CWE-88 - Argument Injection or Modification
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to an argument injection issue. A remote user on the local network can manipulate the IP logging operation to execute arbitrary shell commands on the device.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAirlink Router ES450: 4.9.7
Airlink Router GX450: 4.9.7
Airlink Router MP70: before 4.16.0
Airlink Router RV50: before 4.16.0
Airlink Router RV50x: before 4.16.0
Airlink Router RV55: before 4.16.0
Airlink Router LX 40: before 4.16.0
Airlink Router LX60: before 4.16.0
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-23-026-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU71594
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-46650
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote administrator can reconfigure the device to expose the ACEManager credentials on the pre-login status page.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAirlink Router ES450: 4.9.7
Airlink Router GX450: 4.9.7
Airlink Router MP70: before 4.16.0
Airlink Router RV50: before 4.16.0
Airlink Router RV50x: before 4.16.0
Airlink Router RV55: before 4.16.0
Airlink Router LX 40: before 4.16.0
Airlink Router LX60: before 4.16.0
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-23-026-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
