Description
Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNET session.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/628568
Scores
EPSS
0.0226
EPSS Percentile
80.8%
Details
CWE
CWE-200
Status
published
Products (1)
sierrawireless/aleos
< 4.4.1
Published
Aug 08, 2015
Tracked Since
Feb 18, 2026