Skip to main content

Aleos CVE-2023-38321

HIGH
NULL Pointer Dereference (CWE-476)
2023-12-25 cve@mitre.org
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 25, 2023 - 09:15 nvd
HIGH 7.5

DescriptionNVD

OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter and client-token.

AnalysisAI

OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as NULL Pointer Dereference (CWE-476), which allows attackers to crash the application by dereferencing a null pointer. OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter and client-token. Affected products include: Sierrawireless Aleos. Version information: before 4.17.0.12.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Check pointers before dereferencing. Use static analysis tools to detect null pointer paths.

More in Aleos

View all
CVE-2015-2897 CRITICAL
10.0 Aug 08

Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier

CVE-2020-8782 CRITICAL
9.8 Oct 06

Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 allows remote code execution. Rated critical severit

CVE-2018-10251 CRITICAL
9.8 May 04

A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 and GX450,

CVE-2020-8781 HIGH
7.8 Oct 06

Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-pri

CVE-2023-40462 HIGH
7.5 Dec 04

The ACEManager component of ALEOS 4.16 and earlier does not perform input sanitization during authentication, which coul

CVE-2023-40459 HIGH
7.5 Dec 04

The ACEManager component of ALEOS 4.16 and earlier does not adequately perform input sanitization during authentication,

CVE-2023-40458 HIGH
7.5 Nov 29

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Sierra Wireless, Inc ALEOS could potentially all

CVE-2023-40463 HIGH
7.2 Dec 04

When configured in debugging mode by an authenticated user with administrative privileges, ALEOS 4.16 and earlier store

CVE-2023-40464 MEDIUM
6.8 Dec 04

Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. Rated medium severit

CVE-2023-40465 MEDIUM
5.5 Dec 04

Several versions of ALEOS, including ALEOS 4.16.0, include an opensource third-party component which can be exploited fr

CVE-2023-40460 MEDIUM
5.4 Dec 04

The ACEManager component of ALEOS 4.16 and earlier does not validate uploaded file names and types, which could potentia

CVE-2023-40461 MEDIUM
4.8 Dec 04

The ACEManager component of ALEOS 4.16 and earlier allows an authenticated user with Administrator privileges to access

Share

CVE-2023-38321 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy