CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1CVE-2018-5071
https://notcve.org/view.php?id=CVE-2018-5071
08 Jan 2018 — Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command. This is similar to a Cross Protocol Injection with SNMP. Existe Cross-Site Scripting (XSS) persistente en el servidor web en los dispositivos de sistema de comunicación por satélite Cobham Sea Tel 116 build 222429. Los atacantes remotos pueden ... • http://misteralfa-hack.blogspot.cl/2018/01/seatelcobham-terminales-satelitales.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •