Vulnerabilities > Cobham

DATE CVE VULNERABILITY TITLE RISK
2019-10-10 CVE-2019-9534 Unrestricted Upload of File with Dangerous Type vulnerability in Cobham Explorer 710 Firmware 1.07
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image.
local
low complexity
cobham CWE-434
7.2
2019-10-10 CVE-2019-9533 Use of Hard-coded Credentials vulnerability in Cobham Explorer 710 Firmware 1.07
The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08.
network
low complexity
cobham CWE-798
critical
10.0
2019-10-10 CVE-2019-9532 Cleartext Transmission of Sensitive Information vulnerability in Cobham Explorer 710 Firmware 1.07
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext.
local
low complexity
cobham CWE-319
2.1
2019-10-10 CVE-2019-9531 Improper Authentication vulnerability in Cobham Explorer 710 Firmware 1.07
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454.
network
low complexity
cobham CWE-287
critical
10.0
2019-10-10 CVE-2019-9530 Information Exposure vulnerability in Cobham Explorer 710 Firmware 1.07
The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files.
local
low complexity
cobham CWE-200
4.9
2019-10-10 CVE-2019-9529 Missing Authentication for Critical Function vulnerability in Cobham Explorer 710 Firmware 1.07
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default.
local
low complexity
cobham CWE-306
4.9
2019-09-15 CVE-2019-16320 Information Exposure vulnerability in Cobham products
Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community.
network
low complexity
cobham CWE-200
5.0
2019-03-15 CVE-2018-19394 Cross-site Scripting vulnerability in Cobham products
Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit.
network
cobham CWE-79
3.5
2019-03-15 CVE-2018-19393 Incorrect Permission Assignment for Critical Resource vulnerability in Cobham products
Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file.
network
low complexity
cobham CWE-732
7.8
2019-03-15 CVE-2018-19392 Improper Authentication vulnerability in Cobham products
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an unauthenticated password reset vulnerability.
network
low complexity
cobham CWE-287
5.0