Systematic Security Analysis of the Iridium Satellite Radio Link

The Iridium Low Earth Orbit LEO satellite constellation remains a unique provider of global communications for critical industries, governments, and private users, serving over 2.5 million active subscribers despite recent market competition. In contrast to terrestrial wireless standards such as...

EUVD-2014-0365

Malware in sbrugna...

EUVD-2014-0364

Malware in sbrugna...

EUVD-2025-27986

Malicious code in bioql PyPI...

CVE-2025-41380

Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This vulnerability allows a local user to retrieve the SSH hash string...

CVE-2025-41377

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

CVE-2025-41380 Injection vulnerability in Iridium Certus 700

Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This vulnerability allows a local user to retrieve the SSH hash string...

CVE-2025-41380

CVE-2025-41380 affects Iridium Certus 700, version 1.0.1. The vulnerability is an embedded credentials issue that lets a local user retrieve the SSH hash string. CVSS v4.0 base score 6.1 (MEDIUM); vector: LOCAL, low attack complexity, no user interaction required, privileges required LOW. Impact ...

CVE-2025-41378 Injection vulnerability in Iridium Certus 700

The SSID field is not parsed correctly and can be used to inject commands into the hostpad.conf file. This can be exploited by an attacker to extend his knowledge of the system and compromise other devices. The information is filtered by the logs function of the web panel...

CVE-2025-41378 Injection vulnerability in Iridium Certus 700

The SSID field is not parsed correctly and can be used to inject commands into the hostpad.conf file. This can be exploited by an attacker to extend his knowledge of the system and compromise other devices. The information is filtered by the logs function of the web panel...

CVE-2025-41377 SQL injection vulnerability in Gandia Integra Total

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

CVE-2025-41377

CVE-2025-41377 affects Gandia Integra Total of TESI, versions 2.1.2217.3 through 4.4.2236.1. The vulnerability is a SQL injection in the idestudio parameter of /encuestas/integraweb[_v4]/integra/html/view/consultacuotasred.php that an authenticated user can exploit to retrieve, create, update, an...

CVE-2025-41377 SQL injection vulnerability in Gandia Integra Total

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in...

Intellian Iridium Certus 700 信任管理问题漏洞

Intellian Iridium Certus 700 is a marine satellite Internet system from Intellian Corporation in South Korea. A trust management issue vulnerability exists in Intellian Iridium Certus 700 version 1.0.1, which stems from an embedded credentials vulnerability that could lead to the retrieval of SSH...

Intellian Iridium Certus 700 SQL注入漏洞

The Intellian Iridium Certus 700 is a marine satellite Internet system from Intellian Korea. An SQL injection vulnerability exists in the Intellian Iridium Certus 700 version, which stems from an encryption vulnerability that could lead to the retrieval of an encryption key and the loading of...

PT-2025-22718 · Iridium · Iridium Certus 700

Name of the Vulnerable Software and Affected Versions: Iridium Certus 700 version 1.0.1 Description: The issue is related to an embedded credentials vulnerability in the code, allowing a local user to retrieve the SSH hash string. Recommendations: For Iridium Certus 700 version 1.0.1, consider...

PT-2025-22715 · Iridium · Iridium Certus 700

Name of the Vulnerable Software and Affected Versions: Iridium Certus 700 affected versions not specified Description: A cryptographic issue allows a user to retrieve the encryption key, which can lead to the loading of malicious firmware. Recommendations: At the moment, there is no information...

Intellian Iridium Certus 700 输入验证错误漏洞

Intellian Iridium Certus 700 is a marine satellite Internet system from Intellian Corporation in South Korea. An input validation error vulnerability exists in Intellian Iridium Certus 700 version 1.0.1, which stems from incorrect parsing of the SSID field and could lead to the injection of...

iridium.com Cross Site Scripting vulnerability OBB-3807618

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

PT-2022-25493 · WordPress · Iridium Intelligence Bad Ip Wp Plugin

Name of the Vulnerable Software and Affected Versions: Iridium Intelligence bad ip WP Plugin affected versions not specified Description: A vulnerability was found in the HTTP Header Handler component of the Iridium Intelligence bad ip WP Plugin. The manipulation of the X-Forwarded-For argument...