Описание
The ACEManager component of ALEOS 4.16 and earlier does not
validate uploaded file names and types, which could potentially allow
an authenticated user to perform client-side script execution within
ACEManager, altering the device functionality until the device is
restarted.
The ACEManager component of ALEOS 4.16 and earlier does not
validate uploaded file names and types, which could potentially allow
an authenticated user to perform client-side script execution within
ACEManager, altering the device functionality until the device is
restarted.
Связанные уязвимости
The ACEManager component of ALEOS 4.16 and earlier does not validate uploaded file names and types, which could potentially allow an authenticated user to perform client-side script execution within ACEManager, altering the device functionality until the device is restarted.
Уязвимость компонента ACEManager операционной системы ALEOS беспроводных маршрутизаторов Sierra Wireless MP70, RV50x, RV55, LX40, LX60 ES450, GX450, позволяющая нарушителю выполнить произвольные сценарии и вызвать перезагрузку устройства