{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T21:07:52.658","vulnerabilities":[{"cve":{"id":"CVE-2018-4063","sourceIdentifier":"talos-cna@cisco.com","published":"2019-05-06T19:29:00.637","lastModified":"2025-12-15T15:18:49.987","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad explotable de ejecución remota de código en la funcionalidad upload.cgi de Sierra Wireless AirLink ES450 FW 4.9.3. Una petición HTTP especialmente diseñada puede permitir cargar un archivo, que daría como resultado que el código ejecutable se cargue y se pueda enrutar en el servidor web. Un atacante puede realizar una petición HTTP autenticada para desencadenar esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N\/AC:L\/Au:S\/C:C\/I:C\/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2025-12-12","cisaActionDue":"2026-01-02","cisaRequiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*","versionEndExcluding":"4.4.9","matchCriteriaId":"E9B26ADF-46F0-42E9-B434-B1BDD3B3FA51"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_es440:-:*:*:*:*:*:*:*","matchCriteriaId":"A539809A-2F36-49E5-B6E1-7D13057CB5CC"},{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_gx400:-:*:*:*:*:*:*:*","matchCriteriaId":"3ED4507B-D487-40BB-8F0C-DDE252844BF7"},{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_gx440:-:*:*:*:*:*:*:*","matchCriteriaId":"2F6861FB-F310-4B6D-BEDD-0B1611E5CE2D"},{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_ls300:-:*:*:*:*:*:*:*","matchCriteriaId":"06302D92-3C19-414A-B976-779FE9B01915"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*","versionEndExcluding":"4.11.0","matchCriteriaId":"22BF7599-D3BB-4273-847E-28E84AF19C07"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_lx40:-:*:*:*:*:*:*:*","matchCriteriaId":"C4CEDB07-37C9-444F-9670-1807E7C3E734"},{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_lx60:-:*:*:*:*:*:*:*","matchCriteriaId":"631F6248-DA94-4BF8-9F78-3636CBD67F2E"},{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_mp70:-:*:*:*:*:*:*:*","matchCriteriaId":"3D40D05C-2C06-40D7-A060-AB695909E559"},{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_mp70e:-:*:*:*:*:*:*:*","matchCriteriaId":"AD91027A-EFC8-4A29-B880-CE39D00DF86F"},{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_rv50:-:*:*:*:*:*:*:*","matchCriteriaId":"282D04AE-5657-42C6-9EF1-89FA8388D746"},{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_rv50x:-:*:*:*:*:*:*:*","matchCriteriaId":"AA1C2197-E412-4FE2-8DE8-3048A3727A58"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*","versionEndExcluding":"4.9.4","matchCriteriaId":"5BA6B3FE-7242-44A0-8DFE-0835A06BB61A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_es450:-:*:*:*:*:*:*:*","matchCriteriaId":"3E042BE5-9B2E-42B9-B455-FDB35251B0A6"},{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_gx450:-:*:*:*:*:*:*:*","matchCriteriaId":"F20FC147-11AF-4E39-978A-0BC270B3CF01"}]}]}],"references":[{"url":"http:\/\/packetstormsecurity.com\/files\/152648\/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html","source":"talos-cna@cisco.com","tags":["Exploit","VDB Entry"]},{"url":"http:\/\/www.securityfocus.com\/bid\/108147","source":"talos-cna@cisco.com","tags":["Broken Link"]},{"url":"https:\/\/ics-cert.us-cert.gov\/advisories\/ICSA-19-122-03","source":"talos-cna@cisco.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2018-0748","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"http:\/\/packetstormsecurity.com\/files\/152648\/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","VDB Entry"]},{"url":"http:\/\/www.securityfocus.com\/bid\/108147","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https:\/\/ics-cert.us-cert.gov\/advisories\/ICSA-19-122-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2018-0748","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-4063","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]},{"url":"https:\/\/www.forescout.com\/blog\/ot-network-security-threats-industrial-routers-under-attack\/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}}]}