21 matches found
EUVD-2018-11084
Malware in sbrugna...
EUVD-2018-11087
Malware in sbrugna...
EUVD-2018-11086
Malware in sbrugna...
EUVD-2018-11085
Malware in sbrugna...
Cobham SATCOM SAILOR VSAT 跨站脚本漏洞
Cobham SATCOM SAILOR VSAT is a range of maritime satellite communications products from Cobham SATCOM, UK. A cross-site scripting vulnerability exists in Cobham SATCOM SAILOR VSAT Ku version v.164B019, which originates from a vulnerability that allows remote attackers to execute arbitrary code...
Cobham SATCOM SAILOR VSAT 跨站脚本漏洞
Cobham SATCOM SAILOR VSAT is a range of maritime satellite communications products from Cobham SATCOM, UK. A cross-site scripting vulnerability exists in Cobham SATCOM SAILOR VSAT Ku version v.164B019, which originates from a vulnerability that allows remote attackers to execute arbitrary code...
Cross site scripting
Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. The vulnerability was exploitable by acquiring a copy of the device's configuration file, inserting an XSS payload into a relevant field e.g., Satellite name, and then restoring the...
Cross site scripting
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained persistent XSS, which could be exploited by an unauthenticated threat actor via the /index.lua?pageID=Phone%20book name field...
Design/Logic Flaw
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an unauthenticated password reset vulnerability. This could allow modification of any user account's password including the default "admin" account, without prior knowledge of their password. All that is required is knowledge of the...
Design/Logic Flaw
Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file. This was exploitable via multiple attack vectors depending on the device's configuration. Further analysis also indicated this vulnerability could b...
CVE-2018-19392
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an unauthenticated password reset vulnerability. This could allow modification of any user account's password including the default "admin" account, without prior knowledge of their password. All that is required is knowledge of the...
CVE-2018-19391
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained persistent XSS, which could be exploited by an unauthenticated threat actor via the /index.lua?pageID=Phone%20book name field...
CVE-2018-19393
Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file. This was exploitable via multiple attack vectors depending on the device's configuration. Further analysis also indicated this vulnerability could b...
CVE-2018-19394
Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. The vulnerability was exploitable by acquiring a copy of the device's configuration file, inserting an XSS payload into a relevant field e.g., Satellite name, and then restoring the...
CVE-2018-19391
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained persistent XSS, which could be exploited by an unauthenticated threat actor via the /index.lua?pageID=Phone%20book name field...
CVE-2018-19392
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an unauthenticated password reset vulnerability. This could allow modification of any user account's password including the default "admin" account, without prior knowledge of their password. All that is required is knowledge of the...
CVE-2018-19393
Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file. This was exploitable via multiple attack vectors depending on the device's configuration. Further analysis also indicated this vulnerability could b...
CVE-2018-19393
The CVE-2018-19393 entry refers to Cobham Satcom Sailor 800 and 900 devices with an arbitrary write vulnerability in the system configuration file. The issue is exploitable via multiple attack vectors depending on device configuration and can lead to a Denial of Service requiring a factory reset ...
CVE-2018-19394
CVE-2018-19394 concerns Cobham Satcom Sailor 800 and Sailor 900 devices, where a persistent cross-site scripting (XSS) vulnerability exists. The affected component is the device web interface/configuration handling, with the root cause described as an XSS payload that can be introduced by modifyi...
CVE-2018-19394
Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. The vulnerability was exploitable by acquiring a copy of the device's configuration file, inserting an XSS payload into a relevant field e.g., Satellite name, and then restoring the...