CVE-2017-6044 - AskarLabs CVE Database

CVE-2017-6044

Vendor N/A

Product Sierra Wireless AirLink Raven XE and XT

Weakness CWE-285

Published June 30, 2017

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Several files and directories can be accessed without authentication, which may allow a remote attacker to perform sensitive functions including arbitrary file upload, file download, and device reboot.

Key dates

02Disclosure timeline

June 30, 2017 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-6044 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/285.html

Related vulnerabilities

04Related CVE

CVE-2021-42000 Ping Identity PingFederate Password Reset and Password Change Mishandling with an authentication policy in parallel reset flows CVE-2025-3537 Tutorials-Website Employee Management System update-user.php improper authorization CVE-2026-2015 Portabilis i-Educar Final Status Import FinalStatusImportService.php improper authorization CVE-2025-20264 Cisco Identity Services Engine Authorization Bypass Vulnerability CVE-2025-6702 linlinjava litemall post improper authorization