CVE-2023-38321

OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter and client-token.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:sierrawireless:lx40:-:*:*:*:*:*:*:*
cpe:2.3:h:sierrawireless:lx60:-:*:*:*:*:*:*:*
cpe:2.3:h:sierrawireless:mp70:-:*:*:*:*:*:*:*
cpe:2.3:h:sierrawireless:rv50x:-:*:*:*:*:*:*:*
cpe:2.3:h:sierrawireless:rv55:-:*:*:*:*:*:*:*

History

03 Jan 2024, 22:30

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
First Time Sierrawireless lx40
Sierrawireless rv50x
Sierrawireless
Sierrawireless mp70
Sierrawireless lx60
Sierrawireless rv55
Sierrawireless aleos
CPE cpe:2.3:h:sierrawireless:mp70:-:*:*:*:*:*:*:*
cpe:2.3:h:sierrawireless:rv55:-:*:*:*:*:*:*:*
cpe:2.3:h:sierrawireless:lx40:-:*:*:*:*:*:*:*
cpe:2.3:h:sierrawireless:rv50x:-:*:*:*:*:*:*:*
cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*
cpe:2.3:h:sierrawireless:lx60:-:*:*:*:*:*:*:*
References () https://openwrt.org/docs/guide-user/services/captive-portal/opennds - () https://openwrt.org/docs/guide-user/services/captive-portal/opennds - Product
References () https://github.com/openNDS/openNDS/blob/master/ChangeLog - () https://github.com/openNDS/openNDS/blob/master/ChangeLog - Release Notes
References () https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2023-006-r3.ashx - () https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2023-006-r3.ashx - Vendor Advisory
CWE CWE-476

25 Dec 2023, 09:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-25 09:15

Updated : 2024-02-28 20:54


NVD link : CVE-2023-38321

Mitre link : CVE-2023-38321

CVE.ORG link : CVE-2023-38321


JSON object : View

Products Affected

sierrawireless

  • rv50x
  • lx40
  • mp70
  • rv55
  • lx60
  • aleos
CWE
CWE-476

NULL Pointer Dereference