Lucene search
K

6 matches found

CNVD
CNVD
added 2019/03/19 12:0 a.m.2 views

Cobham Satcom Sailor 250 and 500 Trust Management Vulnerabilities

The Cobham Satcom Sailor 250 and Cobham Satcom Sailor 500 are both shipboard maritime satellite broadband terminals from Cobham UK. A security vulnerability exists in the Cobham Satcom Sailor 250 and 500 using firmware versions prior to 1.25. A remote attacker could use this vulnerability to chan...

9.8CVSS7AI score0.01408EPSS
Exploits1References1
CNVD
CNVD
added 2019/03/19 12:0 a.m.4 views

Cobham Satcom Sailor 250 and 500 Cross-Site Scripting Vulnerabilities

The Cobham Satcom Sailor 250 and Cobham Satcom Sailor 500 are both shipboard maritime satellite broadband terminals from Cobham UK. A cross-site scripting vulnerability exists in the Cobham Satcom Sailor 250 and 500 using firmware versions prior to 1.25. A remote attacker can exploit this...

6.1CVSS6.5AI score0.00726EPSS
Exploits1References1
OSV
OSV
added 2019/03/15 4:29 p.m.3 views

CVE-2018-19392

Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an unauthenticated password reset vulnerability. This could allow modification of any user account's password including the default "admin" account, without prior knowledge of their password. All that is required is knowledge of the...

9.8CVSS5.8AI score0.01408EPSS
Exploits1References2
Prion
Prion
added 2019/03/15 4:29 p.m.10 views

Design/Logic Flaw

Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an unauthenticated password reset vulnerability. This could allow modification of any user account's password including the default "admin" account, without prior knowledge of their password. All that is required is knowledge of the...

5CVSS9.6AI score0.01408EPSS
Exploits1References2Affected Software2
OSV
OSV
added 2019/03/15 4:29 p.m.3 views

CVE-2018-19391

Cobham Satcom Sailor 250 and 500 devices before 1.25 contained persistent XSS, which could be exploited by an unauthenticated threat actor via the /index.lua?pageID=Phone%20book name field...

6.1CVSS5.8AI score0.00726EPSS
Exploits1References2
CVE
CVE
added 2019/03/15 4:0 p.m.54 views

CVE-2018-19391

The CVE-2018-19391 entry concerns Cobham Satcom Sailor 250 and Sailor 500 devices with persistent cross-site scripting (XSS) in firmware before 1.25. An unauthenticated attacker can exploit this via the /index.lua?pageID=Phone%20book name field to inject JavaScript. Connected CNVD/NVD records con...

6.1CVSS6.4AI score0.00726EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder