6 matches found
Cobham Satcom Sailor 250 and 500 Trust Management Vulnerabilities
The Cobham Satcom Sailor 250 and Cobham Satcom Sailor 500 are both shipboard maritime satellite broadband terminals from Cobham UK. A security vulnerability exists in the Cobham Satcom Sailor 250 and 500 using firmware versions prior to 1.25. A remote attacker could use this vulnerability to chan...
Cobham Satcom Sailor 250 and 500 Cross-Site Scripting Vulnerabilities
The Cobham Satcom Sailor 250 and Cobham Satcom Sailor 500 are both shipboard maritime satellite broadband terminals from Cobham UK. A cross-site scripting vulnerability exists in the Cobham Satcom Sailor 250 and 500 using firmware versions prior to 1.25. A remote attacker can exploit this...
CVE-2018-19392
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an unauthenticated password reset vulnerability. This could allow modification of any user account's password including the default "admin" account, without prior knowledge of their password. All that is required is knowledge of the...
Design/Logic Flaw
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an unauthenticated password reset vulnerability. This could allow modification of any user account's password including the default "admin" account, without prior knowledge of their password. All that is required is knowledge of the...
CVE-2018-19391
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained persistent XSS, which could be exploited by an unauthenticated threat actor via the /index.lua?pageID=Phone%20book name field...
CVE-2018-19391
The CVE-2018-19391 entry concerns Cobham Satcom Sailor 250 and Sailor 500 devices with persistent cross-site scripting (XSS) in firmware before 1.25. An unauthenticated attacker can exploit this via the /index.lua?pageID=Phone%20book name field to inject JavaScript. Connected CNVD/NVD records con...