CVE-2018-4063 (GCVE-0-2018-4063)
Vulnerability from cvelistv5
Published
2019-05-06 18:43
Modified
2025-12-13 04:55
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • remote code execution
Summary
An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.
References
Impacted products
Vendor Product Version
n/a Sierra Wireless Version: Sierra Wireless AirLink ES450 FW 4.9.3
CISA Known Exploited Vulnerability
Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2025-12-12

Due date: 2026-01-02

Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Used in ransomware: Unknown

Notes: https://www.cisa.gov/news-events/ics-advisories/icsa-19-122-03 ; https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---swi-psa-2019-003 ; https://source.sierrawireless.com/resources/airlink/hardware_reference_docs/airlink_es450_eol ; https://nvd.nist.gov/vuln/detail/CVE-2018-4063

Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:04:29.488Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152648/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
          },
          {
            "name": "108147",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108147"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0748"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2018-4063",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-12T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-434",
                "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-13T04:55:16.023Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory"
            ],
            "url": "https://www.forescout.com/blog/ot-network-security-threats-industrial-routers-under-attack/"
          },
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-4063"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Sierra Wireless",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Sierra Wireless AirLink ES450 FW 4.9.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "remote code execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-07T19:16:23.000Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152648/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
        },
        {
          "name": "108147",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108147"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0748"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "ID": "CVE-2018-4063",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Sierra Wireless",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Sierra Wireless AirLink ES450 FW 4.9.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "remote code execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/152648/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152648/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03"
            },
            {
              "name": "108147",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108147"
            },
            {
              "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0748",
              "refsource": "MISC",
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0748"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2018-4063",
    "datePublished": "2019-05-06T18:43:31.000Z",
    "dateReserved": "2018-01-02T00:00:00.000Z",
    "dateUpdated": "2025-12-13T04:55:16.023Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2018-4063",
      "cwes": "[\"CWE-434\"]",
      "dateAdded": "2025-12-12",
      "dueDate": "2026-01-02",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-122-03 ; https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---swi-psa-2019-003 ; https://source.sierrawireless.com/resources/airlink/hardware_reference_docs/airlink_es450_eol ; https://nvd.nist.gov/vuln/detail/CVE-2018-4063",
      "product": "AirLink ALEOS",
      "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.",
      "vendorProject": "Sierra Wireless",
      "vulnerabilityName": "Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-4063\",\"sourceIdentifier\":\"talos-cna@cisco.com\",\"published\":\"2019-05-06T19:29:00.637\",\"lastModified\":\"2025-12-15T15:18:49.987\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad explotable de ejecuci\u00f3n remota de c\u00f3digo en la funcionalidad upload.cgi de Sierra Wireless AirLink ES450 FW 4.9.3. Una petici\u00f3n HTTP especialmente dise\u00f1ada puede permitir cargar un archivo, que dar\u00eda como resultado que el c\u00f3digo ejecutable se cargue y se pueda enrutar en el servidor web. Un atacante puede realizar una petici\u00f3n HTTP autenticada para desencadenar esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2025-12-12\",\"cisaActionDue\":\"2026-01-02\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.4.9\",\"matchCriteriaId\":\"E9B26ADF-46F0-42E9-B434-B1BDD3B3FA51\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_es440:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A539809A-2F36-49E5-B6E1-7D13057CB5CC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_gx400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ED4507B-D487-40BB-8F0C-DDE252844BF7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_gx440:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6861FB-F310-4B6D-BEDD-0B1611E5CE2D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_ls300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06302D92-3C19-414A-B976-779FE9B01915\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.11.0\",\"matchCriteriaId\":\"22BF7599-D3BB-4273-847E-28E84AF19C07\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_lx40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4CEDB07-37C9-444F-9670-1807E7C3E734\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_lx60:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"631F6248-DA94-4BF8-9F78-3636CBD67F2E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_mp70:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D40D05C-2C06-40D7-A060-AB695909E559\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_mp70e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD91027A-EFC8-4A29-B880-CE39D00DF86F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_rv50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"282D04AE-5657-42C6-9EF1-89FA8388D746\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_rv50x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA1C2197-E412-4FE2-8DE8-3048A3727A58\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.9.4\",\"matchCriteriaId\":\"5BA6B3FE-7242-44A0-8DFE-0835A06BB61A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_es450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E042BE5-9B2E-42B9-B455-FDB35251B0A6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sierrawireless:airlink_gx450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F20FC147-11AF-4E39-978A-0BC270B3CF01\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/152648/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Exploit\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/108147\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0748\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/152648/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/108147\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0748\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-4063\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://www.forescout.com/blog/ot-network-security-threats-industrial-routers-under-attack/\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://packetstormsecurity.com/files/152648/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/108147\", \"name\": \"108147\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0748\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T05:04:29.488Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-4063\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-12T18:36:49.900801Z\"}}}], \"references\": [{\"url\": \"https://www.forescout.com/blog/ot-network-security-threats-industrial-routers-under-attack/\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-4063\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-434\", \"description\": \"CWE-434 Unrestricted Upload of File with Dangerous Type\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-12T14:27:59.589Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Sierra Wireless\", \"versions\": [{\"status\": \"affected\", \"version\": \"Sierra Wireless AirLink ES450 FW 4.9.3\"}]}], \"references\": [{\"url\": \"http://packetstormsecurity.com/files/152648/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.securityfocus.com/bid/108147\", \"name\": \"108147\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0748\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"remote code execution\"}]}], \"providerMetadata\": {\"orgId\": \"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b\", \"shortName\": \"talos\", \"dateUpdated\": \"2019-05-07T19:16:23.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"Sierra Wireless AirLink ES450 FW 4.9.3\"}]}, \"product_name\": \"Sierra Wireless\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://packetstormsecurity.com/files/152648/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/152648/Sierra-Wireless-AirLink-ES450-ACEManager-upload.cgi-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03\", \"name\": \"https://ics-cert.us-cert.gov/advisories/ICSA-19-122-03\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.securityfocus.com/bid/108147\", \"name\": \"108147\", \"refsource\": \"BID\"}, {\"url\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0748\", \"name\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2018-0748\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"remote code execution\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2018-4063\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"talos-cna@cisco.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2018-4063\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-13T04:55:16.023Z\", \"dateReserved\": \"2018-01-02T00:00:00.000Z\", \"assignerOrgId\": \"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b\", \"datePublished\": \"2019-05-06T18:43:31.000Z\", \"assignerShortName\": \"talos\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.