NotCVE - vendor:"Cobham" product:"Satcom Sailor 900 Firmware"

2 results (0.002 seconds)

CVSS: 4.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2018-19394

https://notcve.org/view.php?id=CVE-2018-19394

15 Mar 2019 — Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. The vulnerability was exploitable by acquiring a copy of the device's configuration file, inserting an XSS payload into a relevant field (e.g., Satellite name), and then restoring the malicious configuration file. Los dispositivos Cobham Satcom Sailor 800 y 900 contenían Cross-Site Scripting (XSS) persistente, que requería acceso administrativo para su explotación. La vulnerabilidad era explot... • https://cyberskr.com/blog/cobham-satcom-800-900.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2018-19393

https://notcve.org/view.php?id=CVE-2018-19393

15 Mar 2019 — Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file. This was exploitable via multiple attack vectors depending on the device's configuration. Further analysis also indicated this vulnerability could be leveraged to achieve a Denial of Service (DoS) condition, where the device would require a factory reset to return to normal operation. Los dispositivos Cobham Satcom Sailor 800 y 900 contenían una vulnerabilidad ... • https://cyberskr.com/blog/cobham-satcom-800-900.html • CWE-732: Incorrect Permission Assignment for Critical Resource •