Vulnerabilities > Cobham > Satcom Sailor 250 Firmware

DATE CVE VULNERABILITY TITLE RISK
2019-03-15 CVE-2018-19392 Improper Authentication vulnerability in Cobham products
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained an unauthenticated password reset vulnerability.
network
low complexity
cobham CWE-287
critical
9.8
2019-03-15 CVE-2018-19391 Cross-site Scripting vulnerability in Cobham products
Cobham Satcom Sailor 250 and 500 devices before 1.25 contained persistent XSS, which could be exploited by an unauthenticated threat actor via the /index.lua?pageID=Phone%20book name field.
network
low complexity
cobham CWE-79
6.1