Details of VAR-201805-0371

ID

VAR-201805-0371

CVE

CVE-2018-10251

TITLE

plural Sierra Wireless Vulnerabilities related to authorization, authority, and access control in firmware of routers

Trust: 0.8

sources: JVNDB: JVNDB-2018-004909

DESCRIPTION

A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9.3 could allow an unauthenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. plural Sierra Wireless Router firmware contains vulnerabilities related to authorization, authority, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SierraWirelessAirLinkGX400 and others are router products of SierraWireless Canada. There are security holes in several SierraWireless products. Sierra Wireless AirLink GX400 and so on are the router products of Canadian Sierra Wireless company. The following products and versions are affected: Sierra Wireless AirLink GX400 with firmware prior to 4.4.7; Sierra Wireless AirLink GX440 with firmware prior to 4.4.7; Sierra Wireless AirLink ES440 with firmware prior to 4.4.7; Sierra Wireless AirLink LS300 with firmware prior to 4.9.3; Sierra Wireless AirLink GX450 with firmware prior to 4.9.3; Sierra Wireless AirLink ES450 with firmware prior to 4.9.3; Sierra Wireless AirLink RV50 with firmware prior to 4.9.3; Sierra Wireless AirLink RV50X with firmware prior to .3; Sierra Wireless AirLink MP70 with firmware prior to 4.9.3; Sierra Wireless AirLink MP70E with firmware prior to 4.9.3

Trust: 2.34

sources: NVD: CVE-2018-10251 // JVNDB: JVNDB-2018-004909 // CNVD: CNVD-2018-09151 // VULHUB: VHN-119992 // VULMON: CVE-2018-10251

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-09151

AFFECTED PRODUCTS

vendor:	sierrawireless	model:	aleos	scope:	lt	version:	4.4.7	Trust: 1.0
vendor:	sierrawireless	model:	aleos	scope:	lt	version:	4.9.3	Trust: 1.0
vendor:	sierra	model:	airlink es440	scope:	lt	version:	4.4.7	Trust: 0.8
vendor:	sierra	model:	airlink es450	scope:	lt	version:	4.9.3	Trust: 0.8
vendor:	sierra	model:	airlink gx400	scope:	lt	version:	4.4.7	Trust: 0.8
vendor:	sierra	model:	airlink gx440	scope:	lt	version:	4.4.7	Trust: 0.8
vendor:	sierra	model:	airlink gx450	scope:	lt	version:	4.9.3	Trust: 0.8
vendor:	sierra	model:	airlink ls300	scope:	lt	version:	4.4.7	Trust: 0.8
vendor:	sierra	model:	airlink mp70	scope:	lt	version:	4.9.3	Trust: 0.8
vendor:	sierra	model:	airlink mp70e	scope:	lt	version:	4.9.3	Trust: 0.8
vendor:	sierra	model:	airlink rv50	scope:	lt	version:	4.9.3	Trust: 0.8
vendor:	sierra	model:	airlink rv50x	scope:	lt	version:	4.9.3	Trust: 0.8
vendor:	sierra	model:	wireless airlink es440	scope:	lt	version:	4.4.7	Trust: 0.6
vendor:	sierra	model:	wireless airlink ls300	scope:	lt	version:	4.4.7	Trust: 0.6
vendor:	sierra	model:	wireless airlink gx450	scope:	lt	version:	4.9.3	Trust: 0.6
vendor:	sierra	model:	wireless airlink es450	scope:	lt	version:	4.9.3	Trust: 0.6
vendor:	sierra	model:	wireless airlink rv50	scope:	lt	version:	4.9.3	Trust: 0.6
vendor:	sierra	model:	wireless airlink rv50x	scope:	lt	version:	4.9.3	Trust: 0.6
vendor:	sierra	model:	wireless airlink mp70	scope:	lt	version:	4.9.3	Trust: 0.6
vendor:	sierra	model:	wireless airlink mp70e	scope:	lt	version:	4.9.3	Trust: 0.6
vendor:	sierra	model:	wireless airlink gx400	scope:	lt	version:	4.4.7	Trust: 0.6
vendor:	sierra	model:	wireless airlink gx440	scope:	lt	version:	4.4.7	Trust: 0.6

sources: CNVD: CNVD-2018-09151 // JVNDB: JVNDB-2018-004909 // NVD: CVE-2018-10251

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-10251
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-10251
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-09151
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201805-163
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-119992
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-10251
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-10251
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-09151
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-119992
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-10251
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-09151 // VULHUB: VHN-119992 // VULMON: CVE-2018-10251 // JVNDB: JVNDB-2018-004909 // CNNVD: CNNVD-201805-163 // NVD: CVE-2018-10251

PROBLEMTYPE DATA

problemtype:	CWE-862	Trust: 1.1
problemtype:	CWE-1188	Trust: 1.0
problemtype:	CWE-264	Trust: 0.9

sources: VULHUB: VHN-119992 // JVNDB: JVNDB-2018-004909 // NVD: CVE-2018-10251

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201805-163

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201805-163

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004909

PATCH

title:	SWI-PSA-2018-005:CVE-2018-10251: Remote Code ExecutionVulnerability	url:	https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---cve-2018-10251/	Trust: 0.8
title:	Patch for a number of SierraWireless product arbitrary code execution vulnerabilities (CNVD-2018-09151)	url:	https://www.cnvd.org.cn/patchInfo/show/128525	Trust: 0.6
title:	Multiple Sierra Wireless Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79875	Trust: 0.6
title:	Threatpost	url:	https://threatpost.com/sierra-wireless-patches-critical-vulns-in-hundreds-of-thousands-of-wireless-routers/131804/	Trust: 0.1

sources: CNVD: CNVD-2018-09151 // VULMON: CVE-2018-10251 // JVNDB: JVNDB-2018-004909 // CNNVD: CNNVD-201805-163

EXTERNAL IDS

db:	NVD	id:	CVE-2018-10251	Trust: 3.2
db:	JVNDB	id:	JVNDB-2018-004909	Trust: 0.8
db:	CNVD	id:	CNVD-2018-09151	Trust: 0.6
db:	CNNVD	id:	CNNVD-201805-163	Trust: 0.6
db:	VULHUB	id:	VHN-119992	Trust: 0.1
db:	VULMON	id:	CVE-2018-10251	Trust: 0.1

sources: CNVD: CNVD-2018-09151 // VULHUB: VHN-119992 // VULMON: CVE-2018-10251 // JVNDB: JVNDB-2018-004909 // CNNVD: CNNVD-201805-163 // NVD: CVE-2018-10251

REFERENCES

url:	https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---cve-2018-10251/	Trust: 2.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10251	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10251	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/1188.html	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/862.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/sierra-wireless-patches-critical-vulns-in-hundreds-of-thousands-of-wireless-routers/131804/	Trust: 0.1

sources: CNVD: CNVD-2018-09151 // VULHUB: VHN-119992 // VULMON: CVE-2018-10251 // JVNDB: JVNDB-2018-004909 // CNNVD: CNNVD-201805-163 // NVD: CVE-2018-10251

SOURCES

db:	CNVD	id:	CNVD-2018-09151
db:	VULHUB	id:	VHN-119992
db:	VULMON	id:	CVE-2018-10251
db:	JVNDB	id:	JVNDB-2018-004909
db:	CNNVD	id:	CNNVD-201805-163
db:	NVD	id:	CVE-2018-10251

LAST UPDATE DATE

2024-11-23T23:05:07.221000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-09151	date:	2018-05-09T00:00:00
db:	VULHUB	id:	VHN-119992	date:	2019-10-03T00:00:00
db:	VULMON	id:	CVE-2018-10251	date:	2019-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2018-004909	date:	2018-06-29T00:00:00
db:	CNNVD	id:	CNNVD-201805-163	date:	2019-10-08T00:00:00
db:	NVD	id:	CVE-2018-10251	date:	2024-11-21T03:41:06.687

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-09151	date:	2018-05-08T00:00:00
db:	VULHUB	id:	VHN-119992	date:	2018-05-04T00:00:00
db:	VULMON	id:	CVE-2018-10251	date:	2018-05-04T00:00:00
db:	JVNDB	id:	JVNDB-2018-004909	date:	2018-06-29T00:00:00
db:	CNNVD	id:	CNNVD-201805-163	date:	2018-05-07T00:00:00
db:	NVD	id:	CVE-2018-10251	date:	2018-05-04T20:29:00.517