PT-2019-19686 · Cobham · Cobham Explorer 710

David Belasco

Publicado

2019-10-10

Atualizado

2019-10-21

CVE-2019-9529

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Cobham EXPLORER 710 firmware version 1.07

Description The web application portal of the device has no authentication by default, allowing an unauthenticated, local attacker connected to the device to access the portal and make any changes to the device.

Recommendations For firmware version 1.07, enable authentication on the web application portal to prevent unauthorized access and changes to the device.

Correção

Missing Authentication

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-306CWE-284

Identificadores relacionados

CVE-2019-9529

Produtos afetados

Cobham Explorer 710

PT-2019-19686 · Cobham · Cobham Explorer 710

CVE-2019-9529

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3