Lucene search
+L

175 matches found

Prion
Prion
added 2019/10/10 8:15 p.m.20 views

Design/Logic Flaw

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454. This could allow an unauthenticated, remote attacker to connect to this port via Telnet and execute 86 Attention AT commands, including some that provide unauthenticated,...

10CVSS9.6AI score0.02505EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/10 8:15 p.m.38 views

Design/Logic Flaw

The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to...

7.2CVSS7.9AI score0.00227EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/10 8:15 p.m.17 views

Default credentials

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local attacker to intercept the password and gain access to the portal...

2.1CVSS8.3AI score0.00215EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/10 8:15 p.m.17 views

Authentication flaw

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default. This could allow an unauthenticated, local attacker connected to the device to access the portal and to make any change to the device...

4.9CVSS6.5AI score0.00282EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/10 8:15 p.m.14 views

Default credentials

The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08. This could allow an attacker to reverse-engineer the password from available versions to gain authenticated access to the device...

10CVSS9.5AI score0.01507EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/10 8:15 p.m.17 views

Directory traversal

The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connected to the device to access and download any file found in the web root directory...

4.9CVSS6.3AI score0.00361EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/10/10 8:9 p.m.99 views

CVE-2019-9531

The CVE-2019-9531 entry affects the Cobham EXPLORER 710 portable satcom terminal running firmware version 1.07. Connected sources confirm that the web application portal allows unauthenticated access to port 5454, enabling an unauthenticated remote attacker to connect via Telnet and execute 86 At...

10CVSS9.7AI score0.02505EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/10/10 8:9 p.m.105 views

CVE-2019-9530

The CVE-2019-9530 entry applies to Cobham EXPLORER 710 (firmware 1.07). The vulnerability is that the web root directory has no access restrictions, enabling an unauthenticated, local attacker connected to the device to read and download any file in the web root. The provided connected documents ...

5.5CVSS5.4AI score0.00361EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/10/10 8:9 p.m.102 views

CVE-2019-9534

The CVE-2019-9534 entry affects Cobham EXPLORER 710 with firmware 1.07, where firmware image validation is absent. Connected sources (CERT/CC) describe that development scripts left in the firmware can be used by an unauthenticated, local attacker to upload their own firmware, potentially enablin...

7.8CVSS7.5AI score0.00227EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/10/10 8:9 p.m.102 views

CVE-2019-9532

An issue in Cobham EXPLORER 710 web portal (firmware 1.07) transmits the login password in cleartext, enabling a local, unauthenticated attacker to intercept credentials and access the portal. Root cause: cleartext credential handling in the web portal. Impact described in sources includes potent...

7.8CVSS7.7AI score0.00215EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/10/10 8:9 p.m.20 views

CVE-2019-9529 The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default. This could allow an unauthenticated, local attacker connected to the device to access the portal and to make any change to the device...

6.6AI score0.00282EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/10 8:9 p.m.21 views

CVE-2019-9532 The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local attacker to intercept the password and gain access to the portal...

8.3AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/10 8:9 p.m.19 views

CVE-2019-9530 The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files

The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connected to the device to access and download any file found in the web root directory...

6.4AI score0.00361EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/10 8:9 p.m.14 views

CVE-2019-9531 The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to a port that can run AT commands

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454. This could allow an unauthenticated, remote attacker to connect to this port via Telnet and execute 86 Attention AT commands, including some that provide unauthenticated,...

9.7AI score0.02505EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/10 8:9 p.m.23 views

CVE-2019-9533 The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08

The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08. This could allow an attacker to reverse-engineer the password from available versions to gain authenticated access to the device...

9.7AI score0.01507EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/10 8:9 p.m.17 views

CVE-2019-9534 The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image

The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to...

8.1AI score0.00227EPSS
Exploits0References1
CVE
CVE
added 2019/10/10 8:9 p.m.110 views

CVE-2019-9529

Affected product: Cobham EXPLORER 710, firmware 1.07. Vulnerability: The web application portal has no authentication by default, allowing an unauthenticated, local attacker to access the portal and make changes to the device. Impact (as described): unauthenticated access, potential modification ...

5.5CVSS5.5AI score0.00282EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/10/10 8:9 p.m.108 views

CVE-2019-9533

The CVE-2019-9533 issue affects the Cobham EXPLORER 710 satellite terminal. Root password is identical across firmware versions up to v1.08, enabling an attacker to reverse‑engineer the password from available versions to gain authenticated access to the device. This stems from using a universal ...

10CVSS9.7AI score0.01507EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/10/10 12:0 a.m.5 views

PT-2019-19691 · Cobham · Cobham Explorer 710

Name of the Vulnerable Software and Affected Versions: Cobham EXPLORER 710 firmware version 1.07 Description: The issue concerns the lack of firmware image validation in the device. Development scripts that were left in the firmware can be exploited to upload a custom firmware image. This could...

7.8CVSS7.4AI score0.00227EPSS
Exploits0References2
Symantec
Symantec
added 2019/10/09 12:0 a.m.20 views

Cobham EXPLORER 710 Multiple Security Vulnerabilities

Description Cobham EXPLORER 710 is prone to multiple security vulnerabilities: 1. Multiple security weaknesses 2. Multiple access-bypass vulnerabilities 3. An information-disclosure vulnerability 4. An arbitrary file upload vulnerability An attacker may exploit these issues to perform certain...

7.8AI score
Exploits0References1Affected Software1
Rows per page
Query Builder