CVE-2023-40465

Summary

Several versions of ALEOS, including ALEOS 4.16.0, include an opensource

third-party component which can be exploited from the local

area network, resulting in a Denial of Service condition for the captive portal.

Affected Software

VendorProductVersion RangeStatus
SierraWirelessALEOS4.10 <= 4.16affected
SierraWirelessALEOS0 <= 4.9.8affected

Weaknesses

  • CWE-121: CWE-121
  • CWE-122: CWE-122

ADP Enrichment

CVE Program Container

Additional References

References