CVE-2018-4063CISA KEVEPSS p97.9%

CVE-2018-4063Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability

Sierra Wireless / AirLink ALEOS

Description

Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

Scoring

EPSS28.06% probability of exploitation · percentile 97.9% · 2026-06-19T12:03:05Z

CISA KEV entry

Added to KEV: 2025-12-12

(incoming)1

TypeTargetConfidenceTier
KEVEntrySierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerabilitykev-cve-2018-40630%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Aviatrix Controller Unrestricted Upload of File
CVE
CVE-2026-1358
CVE
CVE-2025-20188
CVE
CVE-2025-1070
CVE
CVE-2025-48782
CVE
CVE-2025-41758
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.