CVSS: 5.3EPSS: 0%CPEs: 22EXPL: 0CVE-2019-16320
https://notcve.org/view.php?id=CVE-2019-16320
15 Sep 2019 — Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community. Los dispositivos Cobham Sea Tel versiones v170 224521 hasta v194 225444, permiten a atacantes obtener información potencialmente confidencial, tales como la latitud y longitud de un barco, por medio de la comunidad SNMP pública. • https://misteralfa-hack.blogspot.com/2019/09/cobham-terminales-satelitales-seatel.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-19394
https://notcve.org/view.php?id=CVE-2018-19394
15 Mar 2019 — Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. The vulnerability was exploitable by acquiring a copy of the device's configuration file, inserting an XSS payload into a relevant field (e.g., Satellite name), and then restoring the malicious configuration file. Los dispositivos Cobham Satcom Sailor 800 y 900 contenían Cross-Site Scripting (XSS) persistente, que requería acceso administrativo para su explotación. La vulnerabilidad era explot... • https://cyberskr.com/blog/cobham-satcom-800-900.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-19393
https://notcve.org/view.php?id=CVE-2018-19393
15 Mar 2019 — Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file. This was exploitable via multiple attack vectors depending on the device's configuration. Further analysis also indicated this vulnerability could be leveraged to achieve a Denial of Service (DoS) condition, where the device would require a factory reset to return to normal operation. Los dispositivos Cobham Satcom Sailor 800 y 900 contenían una vulnerabilidad ... • https://cyberskr.com/blog/cobham-satcom-800-900.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2014-2940
https://notcve.org/view.php?id=CVE-2014-2940
15 Aug 2014 — Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF have hardcoded credentials for the administrator account, which allows attackers to obtain administrative control by leveraging physical access or terminal access. Los terminales de satélite Cobham Sailor 900 y 6000 con firmware 1.08 MFHF y 2.11 VHF tienen las credenciales embebidas para la cuenta del administrador, lo que permite a atacantes obtener el control administrativo mediante el aprovechamiento del acceso físico o a... • http://www.kb.cert.org/vuls/id/460687 •