← Back

Satcom Sailor 800 Firmware

satcom_sailor_800_firmware

Vendor: Cobham • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-19394
1Cobham
2Satcom Sailor 800 Firmware
Satcom Sailor 900 Firmware
Nov 21, 2024
Mar 15, 2019
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. The vulnerability was exploitable by acquiring a copy of the device's configuration file, inserting an X...Show more
Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. The vulnerability was exploitable by acquiring a copy of the device's configuration file, inserting an XSS payload into a relevant field (e.g., Satellite name), and then restoring the malicious configuration file.Show less
CVE-2018-19393
1Cobham
2Satcom Sailor 800 Firmware
Satcom Sailor 900 Firmware
Nov 21, 2024
Mar 15, 2019
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file. This was exploitable via multiple attack vectors depending on the devic...Show more
Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file. This was exploitable via multiple attack vectors depending on the device's configuration. Further analysis also indicated this vulnerability could be leveraged to achieve a Denial of Service (DoS) condition, where the device would require a factory reset to return to normal operation.Show less