Lucene search
K

161 matches found

NVD
NVD
added 2018/01/16 11:29 p.m.19 views

CVE-2018-5728

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details...

5.3CVSS5.2AI score0.01328EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/01/16 11:0 p.m.16 views

CVE-2018-5728

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details...

5.2AI score0.01328EPSS
Exploits1References1
CVE
CVE
added 2018/01/16 11:0 p.m.42 views

CVE-2018-5728

CVE-2018-5728 concerns Cobham Sea Tel 121 build 222701 devices. A remote attacker can disclose potentially sensitive information by sending a request to /cgi-bin/getSysStatus, exposing ship latitude/longitude and satellite details. The vulnerability is described as an information disclosure issue...

5.3CVSS5.2AI score0.01328EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2018/01/12 5:29 p.m.10 views

Design/Logic Flaw

Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof phone numbers and trigger calls to arbitrary numbers via spaces in a tel: URL...

5CVSS7.3AI score0.01055EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/01/12 5:29 p.m.21 views

CVE-2015-3888

Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof phone numbers and trigger calls to arbitrary numbers via spaces in a tel: URL...

7.5CVSS7.5AI score0.01055EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/01/12 5:0 p.m.19 views

CVE-2015-3888

Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof phone numbers and trigger calls to arbitrary numbers via spaces in a tel: URL...

7.5AI score0.01055EPSS
Exploits1References1
CVE
CVE
added 2018/01/12 5:0 p.m.45 views

CVE-2015-3888

CVE-2015-3888 affects Jolla Sailfish OS before 1.1.2.16. The issue is in the tel: URL handling, where spaces in the URL can be exploited to spoof the caller ID and trigger calls to arbitrary numbers. This is a remote defense/reachability concern for users and operators relying on accurate caller ...

7.5CVSS7.5AI score0.01055EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/01/10 12:0 a.m.5 views

Cobham Sea Tel Web Server Cross-Site Scripting Vulnerability

Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. A cross-site scripting vulnerability exists in the web server in Cobham Sea Tel version 116 build 222429. The vulnerability can be exploited by a remote attacker to inject malicious JavaScript code via the device's TELN...

5.4CVSS6.5AI score0.00809EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/10 12:0 a.m.4 views

Cobham Sea Tel Security Bypass Vulnerability

Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. A security bypass vulnerability exists in Cobham Sea Tel version 121 build 222701. A remote attacker can bypass authentication by sending a direct request to the MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html,...

9.8CVSS7.2AI score0.02537EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/10 12:0 a.m.6 views

Cobham Sea Tel Information Disclosure Vulnerability

Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. An information disclosure vulnerability exists in Cobham Sea Tel version 121 build 222701. An attacker can exploit this vulnerability by reading the loginName line in the js/userLogin.js URI to obtain sensitive...

7.5CVSS6.2AI score0.0202EPSS
Exploits1References1
NVD
NVD
added 2018/01/08 3:29 a.m.16 views

CVE-2018-5267

Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html...

9.8CVSS9.6AI score0.02537EPSS
Exploits1References1
OSV
OSV
added 2018/01/08 3:29 a.m.5 views

CVE-2018-5266

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with...

7.5CVSS5.8AI score0.0202EPSS
Exploits1References1
Prion
Prion
added 2018/01/08 3:29 a.m.16 views

Authentication flaw

Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html...

7.5CVSS9.5AI score0.02537EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/01/08 3:29 a.m.5 views

CVE-2018-5071

Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command. This is similar to a Cross...

5.4CVSS5.9AI score0.00809EPSS
Exploits1References1
Prion
Prion
added 2018/01/08 3:29 a.m.18 views

Cross site scripting

Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command. This is similar to a Cross...

3.5CVSS5.6AI score0.00809EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/01/08 3:29 a.m.18 views

CVE-2018-5071

Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command. This is similar to a Cross...

5.4CVSS5.6AI score0.00809EPSS
Exploits1References1
Prion
Prion
added 2018/01/08 3:29 a.m.23 views

Default credentials

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with...

5CVSS7.5AI score0.0202EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/01/08 3:29 a.m.6 views

CVE-2018-5267

Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html...

9.8CVSS5.8AI score0.02537EPSS
Exploits1References1
NVD
NVD
added 2018/01/08 3:29 a.m.20 views

CVE-2018-5266

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with...

7.5CVSS7.5AI score0.0202EPSS
Exploits1References1
CVE
CVE
added 2018/01/08 3:0 a.m.57 views

CVE-2018-5267

Cobham Sea Tel 121 build 222701 devices are affected by CVE-2018-5267, enabling a remote authentication bypass via direct requests to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html. The vulnerability allows bypass of authentication without user...

9.8CVSS9.5AI score0.02537EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder