CVE-2018-19394

by rootdaemon March 14, 2019

03/15/2019

CVE-2018-19394

Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. The vulnerability was exploitable by acquiring a copy of the device’s configuration file, inserting an XSS payload into a relevant field (e.g., Satellite name), and then restoring the malicious configuration file.

Attack vector:
Network

Product:

cobham: satcom_sailor_800_firmware
cobham: satcom_sailor_900_firmware

References:

Severity:
Low

CVSS Score:
3.5

CVSS Vector:
(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Don't forget to share

Tags: CVE201819394

CVE-2018-19394

CVE-2018-19394

You may also like...

Leave a Reply Cancel reply

CVE-2018-19394

CVE-2018-19394

You may also like...

Phishing attacks: One in three suspect emails reported by employees really are malicious

Multimedia Editing Software Hacked to Spread Banking Trojan

City of Cornelia Witnessed Fourth Ransomware Attack – E Hacking News

Leave a Reply Cancel reply