CVE-2015-2054

Published: Feb 23, 2015Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

CRLF injection vulnerability in export.cfg in the web-based administrative console for Sierra Wireless AirCard 760S, 762S, and 763S allows remote attackers to inject arbitrary headers via CRLF sequences in the save parameter.

Affected (3)

Products: Sierra Wireless: Sierra Wireless Aircard 760s, Sierra Wireless Aircard 762s, Sierra Wireless Aircard 763s

Sierra Wireless

3 products

Sierra Wireless Aircard 760s

Sierra Wireless Aircard 762s

Sierra Wireless Aircard 763s

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Sierra Wireless Sierra Wireless Aircard 760s	All versions
Sierra Wireless Sierra Wireless Aircard 762s	All versions
Sierra Wireless Sierra Wireless Aircard 763s	All versions

References (4)

http://seclists.org/fulldisclosure/2015/Jan/58

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/74875

Source: cve@mitre.org

http://seclists.org/fulldisclosure/2015/Jan/58

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/bid/74875

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.