33 matches found
EUVD-2018-17049
Malware in sbrugna...
EUVD-2019-7106
Malware in sbrugna...
EUVD-2018-17048
Malware in sbrugna...
EUVD-2018-16857
Malware in sbrugna...
EUVD-2018-17497
Malware in sbrugna...
CVE-2019-16320
Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...
CVE-2018-5728
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details...
CVE-2019-16320
Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...
CVE-2019-16320
Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...
Information disclosure
Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...
CVE-2019-16320
Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...
Cobham Sea Tel Information Disclosure Vulnerability (CNVD-2018-03967)
Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. An information disclosure vulnerability exists in Cobham Sea Tel version 121 build 222701. A remote attacker can exploit this vulnerability by sending a /cgi-bin/getSysStatus request to obtain sensitive information...
CVE-2018-5728
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details...
Cross site request forgery (csrf)
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details...
CVE-2018-5728
CVE-2018-5728 concerns Cobham Sea Tel 121 build 222701 devices. A remote attacker can disclose potentially sensitive information by sending a request to /cgi-bin/getSysStatus, exposing ship latitude/longitude and satellite details. The vulnerability is described as an information disclosure issue...
CVE-2018-5728
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details...
Cobham Sea Tel Information Disclosure Vulnerability
Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. An information disclosure vulnerability exists in Cobham Sea Tel version 121 build 222701. An attacker can exploit this vulnerability by reading the loginName line in the js/userLogin.js URI to obtain sensitive...
Cobham Sea Tel Security Bypass Vulnerability
Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. A security bypass vulnerability exists in Cobham Sea Tel version 121 build 222701. A remote attacker can bypass authentication by sending a direct request to the MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html,...
Cobham Sea Tel Web Server Cross-Site Scripting Vulnerability
Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. A cross-site scripting vulnerability exists in the web server in Cobham Sea Tel version 116 build 222429. The vulnerability can be exploited by a remote attacker to inject malicious JavaScript code via the device's TELN...
Cross site scripting
Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command. This is similar to a Cross...