8 matches found
CVE-2025-67780
SpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 e.g., on Mini1prod2 allow administrative actions via unauthenticated LAN gRPC requests, aka MARMALADE 2. The cross-origin policy can be bypassed by omitting a Referer header. In some cases, an attacker's ability to read tilt, rotation,...
CVE-2025-67780
SpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 e.g., on Mini1prod2 allow administrative actions via unauthenticated LAN gRPC requests, aka MARMALADE 2. The cross-origin policy can be bypassed by omitting a Referer header. In some cases, an attacker's ability to read tilt, rotation,...
CVE-2025-67780
SpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 e.g., on Mini1prod2 allow administrative actions via unauthenticated LAN gRPC requests, aka MARMALADE 2. The cross-origin policy can be bypassed by omitting a Referer header. In some cases, an attacker's ability to read tilt, rotation,...
CVE-2025-67780
SpaceX Starlink Dish devices running firmware 2024.12.04.mr46620 are affected by CVE-2025-67780 due to unauthenticated LAN gRPC requests. The issue allows administrative actions via the diagnostic interface, and the cross-origin policy can be bypassed by omitting a Referer header, potentially ena...
CVE-2025-67780
SpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 e.g., on Mini1prod2 allow administrative actions via unauthenticated LAN gRPC requests, aka MARMALADE 2. The cross-origin policy can be bypassed by omitting a Referer header. In some cases, an attacker's ability to read tilt, rotation,...
PT-2025-50774
Name of the Vulnerable Software and Affected Versions SpaceX Starlink Dish versions 2024.12.04.mr46620 Description SpaceX Starlink Dish devices allow administrative actions via unauthenticated LAN gRPC requests, referred to as MARMALADE 2. The cross-origin policy can be bypassed by omitting a...
SpaceX Starlink Dish 安全漏洞
SpaceX Starlink Dish is a user terminal receiver from SpaceX in the United States. A security vulnerability exists in SpaceX Starlink Dish version 2024.12.04.mr46620, which stems from an unauthenticated LAN gRPC request that could result in administrative operations...
CVE-2023-52235
SpaceX Starlink Wi-Fi router GEN 2 before 2023.53.0 and Starlink Dish before 07dd2798-ff15-4722-a9ee-de28928aed34 allow CSRF e.g., for a reboot via a DNS Rebinding attack...