CVE-2018-10251

CRITICAL

Sierra Wireless AirLink - RCE

Title source: llm

Description

A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9.3 could allow an unauthenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges.

References (1)

[Mitigation, Vendor Advisory] https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---cve-2018-10251/

Scores

CVSS v3 9.8

EPSS 0.0008

EPSS Percentile 23.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-862 CWE-1188

Status published

Products (1)

sierrawireless/aleos < 4.4.7

Published May 04, 2018

Tracked Since Feb 18, 2026