Home / os / winmobile

Sierra Wireless AirLink ES450 ACEManager iplogging.cgi Command Injection

Posted on 27 April 2019

An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can inject arbitrary commands, resulting in arbitrary command execution. An attacker can send an authenticated HTTP request to trigger this vulnerability.

 

TOP

Malware :

Exploits :