161 matches found
CVE-2018-5728
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details...
CVE-2018-5728
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details...
CVE-2018-5728
CVE-2018-5728 concerns Cobham Sea Tel 121 build 222701 devices. A remote attacker can disclose potentially sensitive information by sending a request to /cgi-bin/getSysStatus, exposing ship latitude/longitude and satellite details. The vulnerability is described as an information disclosure issue...
Design/Logic Flaw
Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof phone numbers and trigger calls to arbitrary numbers via spaces in a tel: URL...
CVE-2015-3888
Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof phone numbers and trigger calls to arbitrary numbers via spaces in a tel: URL...
CVE-2015-3888
Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof phone numbers and trigger calls to arbitrary numbers via spaces in a tel: URL...
CVE-2015-3888
CVE-2015-3888 affects Jolla Sailfish OS before 1.1.2.16. The issue is in the tel: URL handling, where spaces in the URL can be exploited to spoof the caller ID and trigger calls to arbitrary numbers. This is a remote defense/reachability concern for users and operators relying on accurate caller ...
Cobham Sea Tel Web Server Cross-Site Scripting Vulnerability
Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. A cross-site scripting vulnerability exists in the web server in Cobham Sea Tel version 116 build 222429. The vulnerability can be exploited by a remote attacker to inject malicious JavaScript code via the device's TELN...
Cobham Sea Tel Security Bypass Vulnerability
Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. A security bypass vulnerability exists in Cobham Sea Tel version 121 build 222701. A remote attacker can bypass authentication by sending a direct request to the MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html,...
Cobham Sea Tel Information Disclosure Vulnerability
Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. An information disclosure vulnerability exists in Cobham Sea Tel version 121 build 222701. An attacker can exploit this vulnerability by reading the loginName line in the js/userLogin.js URI to obtain sensitive...
CVE-2018-5267
Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html...
CVE-2018-5266
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with...
Authentication flaw
Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html...
CVE-2018-5071
Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command. This is similar to a Cross...
Cross site scripting
Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command. This is similar to a Cross...
CVE-2018-5071
Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command. This is similar to a Cross...
Default credentials
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with...
CVE-2018-5267
Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html...
CVE-2018-5266
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with...
CVE-2018-5267
Cobham Sea Tel 121 build 222701 devices are affected by CVE-2018-5267, enabling a remote authentication bypass via direct requests to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html. The vulnerability allows bypass of authentication without user...