Vulnerability Description
OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter and client-token.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sierrawireless | Aleos | < 4.17.0.12 |
| Sierrawireless | Lx40 | - |
| Sierrawireless | Lx60 | - |
| Sierrawireless | Mp70 | - |
| Sierrawireless | Rv50X | - |
| Sierrawireless | Rv55 | - |
Related Weaknesses (CWE)
References
- https://github.com/openNDS/openNDS/blob/master/ChangeLog (Release Notes)
- https://openwrt.org/docs/guide-user/services/captive-portal/opennds (Product)
- https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/p (Vendor Advisory)
FAQ
What is CVE-2023-38321?
CVE-2023-38321 is a vulnerability with a CVSS score of 7.5 (HIGH). OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) ...
How severe is CVE-2023-38321?
CVE-2023-38321 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS score section above for the severity rating.
Is there a patch for CVE-2023-38321?
Check the references section above for vendor advisories and patch information. Affected products include: Sierrawireless Aleos, Sierrawireless Lx40, Sierrawireless Lx60, Sierrawireless Mp70, Sierrawireless Rv50X.