Vulnerabilities > Cobham > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-10 | CVE-2019-9530 | Unspecified vulnerability in Cobham Explorer 710 Firmware 1.07 The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. | 5.5 |
| 2019-10-10 | CVE-2019-9529 | Missing Authentication for Critical Function vulnerability in Cobham Explorer 710 Firmware 1.07 The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default. | 5.5 |
| 2019-09-15 | CVE-2019-16320 | Information Exposure vulnerability in Cobham products Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community. | 5.3 |
| 2019-03-15 | CVE-2018-19394 | Cross-site Scripting vulnerability in Cobham products Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. | 4.8 |
| 2019-03-15 | CVE-2018-19391 | Cross-site Scripting vulnerability in Cobham products Cobham Satcom Sailor 250 and 500 devices before 1.25 contained persistent XSS, which could be exploited by an unauthenticated threat actor via the /index.lua?pageID=Phone%20book name field. | 6.1 |
| 2018-01-16 | CVE-2018-5728 | Information Exposure vulnerability in Cobham Seatel 121 Firmware Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details. | 5.3 |
| 2018-01-08 | CVE-2018-5071 | Cross-site Scripting vulnerability in Cobham SEA TEL 116 Firmware 222429 Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command. | 5.4 |