Vulnerability Description
CRLF injection vulnerability in export.cfg in the web-based administrative console for Sierra Wireless AirCard 760S, 762S, and 763S allows remote attackers to inject arbitrary headers via CRLF sequences in the save parameter.
CVSS Score
4.3 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sierra Wireless | AirCard 760S | All versions |
| Sierra Wireless | AirCard 762S | All versions |
| Sierra Wireless | AirCard 763S | All versions |
References
- http://seclists.org/fulldisclosure/2015/Jan/58 (Exploit)
- http://www.securityfocus.com/bid/74875
FAQ
What is CVE-2015-2054?
CVE-2015-2054 is a vulnerability with a CVSS score of 4.3 (MEDIUM). CRLF injection vulnerability in export.cfg in the web-based administrative console for Sierra Wireless AirCard 760S, 762S, and 763S allows remote attackers to inject arbitrary headers via CRLF sequenc...
How severe is CVE-2015-2054?
CVE-2015-2054 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-2054?
Check the references section above for vendor advisories and patch information. Affected products include: Sierra Wireless AirCard 760S, 762S, and 763S.