Hard-Coded Credentials Vulnerability in Sierra Wireless AirLink ES450 Network Device
CVE-2018-4062

8.1HIGH

Key Information:

Vendor: Sierrawireless
Status: Sierra Wireless
Vendor: CVE Published:; 6 May 2019

🔔 Create Sierrawireless Vulnerability Alert

What is CVE-2018-4062?

A vulnerability exists in the SNMPD function of the Sierra Wireless AirLink ES450 device running firmware version 4.9.3, where hard-coded credentials can be exploited. This issue arises when SNMPD is activated outside of the web user interface, allowing unauthorized access to privileged user credentials without requiring any configuration changes. It poses significant risk as malicious actors can trigger this vulnerability easily, potentially compromising the security of sensitive network operations.