Cyberskr

**Name of the Vulnerable Software and Affected Versions** Cobham Satcom Sailor 800 and 900 devices (affected versions not specified) **Description** The issue concerns a persistent XSS that can be exploited by acquiring the device's configuration file, inserting an XSS payload into a relevant field such as the `Satellite name`, and then restoring the malicious configuration file. This requires administrative access to exploit. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cobham Satcom Sailor 250 and 500 devices versions prior to 1.25 **Description** The issue allows an unauthenticated threat actor to exploit a persistent XSS via the "name" field in the /index.lua?pageID=Phone%20book endpoint. **Recommendations** For versions prior to 1.25, update to version 1.25 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Cobham Satcom Sailor 250 and 500 devices versions prior to 1.25 **Description** The issue allows for an unauthenticated password reset, enabling modification of any user account's password, including the default "admin" account, without prior knowledge of the password. This can be achieved with knowledge of the username and by exploiting the attack vector through the "/index.lua" API endpoint, specifically the `usernameAdmChange`, `passwordAdmChange1`, and `passwordAdmChange2` fields. **Recommendations** For versions prior to 1.25, update to version 1.25 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/index.lua" API endpoint, particularly the `usernameAdmChange`, `passwordAdmChange1`, and `passwordAdmChange2` fields, to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Cobham Satcom Sailor 800 and 900 devices (affected versions not specified) **Description** The issue allows for arbitrary writing of content to the system's configuration file, which can be exploited through multiple attack vectors depending on the device's configuration. This can also lead to a Denial of Service (DoS) condition, requiring a factory reset to restore normal operation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FURUNO FELCOM versions 250 and 500 **Description** The issue allows unauthenticated users to change passwords for critical accounts, including Admin, Log, and Service, as well as the protected "SMS" panel. This is achieved through access to specific API endpoints: "/cgi-bin/sm changepassword.cgi" and "/cgi-bin/sm sms changepasswd.cgi". **Recommendations** For FURUNO FELCOM versions 250 and 500, restrict access to the "/cgi-bin/sm changepassword.cgi" and "/cgi-bin/sm sms changepasswd.cgi" API endpoints to prevent unauthorized password changes. Consider temporarily disabling these endpoints until a patch is available.

**Name of the Vulnerable Software and Affected Versions** FURUNO FELCOM versions 250 and 500 **Description** The issue allows unauthenticated access to the xml/permission.xml file, which contains system usernames and passwords, including Admin and Service user accounts with unsalted MD5 hashes, and the SMS server password in cleartext. **Recommendations** For FURUNO FELCOM versions 250 and 500, restrict access to the xml/permission.xml file to prevent unauthorized access to sensitive system information. As a temporary workaround, consider disabling unauthenticated access to the device until a patch is available. Avoid using the device's default passwords and consider changing them to stronger, unique passwords.

**Name of the Vulnerable Software and Affected Versions** FURUNO FELCOM 250 and 500 devices (affected versions not specified) **Description** The issue concerns the use of client-side JavaScript in the login.js file for authentication purposes. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Sonus SBC 1000 versions 6.0.x up to Build 446 Sonus SBC 1000 versions 6.1.x up to Build 492 Sonus SBC 1000 versions 7.0.x up to Build 485 Sonus SBC 2000 versions 6.0.x up to Build 446 Sonus SBC 2000 versions 6.1.x up to Build 492 Sonus SBC 2000 versions 7.0.x up to Build 485 Sonus SBC SWe Lite versions 6.1.x up to Build 111 Sonus SBC SWe Lite versions 7.0.x up to Build 140 **Description** A root privilege escalation issue in the web interface of Sonus SBC devices allows unauthorized access to privileged content. **Recommendations** For Sonus SBC 1000 versions 6.0.x up to Build 446, update to a version later than Build 446 to resolve the issue. For Sonus SBC 1000 versions 6.1.x up to Build 492, update to a version later than Build 492 to resolve the issue. For Sonus SBC 1000 versions 7.0.x up to Build 485, update to a version later than Build 485 to resolve the issue. For Sonus SBC 2000 versions 6.0.x up to Build 446, update to a version later than Build 446 to resolve the issue. For Sonus SBC 2000 versions 6.1.x up to Build 492, update to a version later than Build 492 to resolve the issue. For Sonus SBC 2000 versions 7.0.x up to Build 485, update to a version later than Build 485 to resolve the issue. For Sonus SBC SWe Lite versions 6.1.x up to Build 111, update to a version later than Build 111 to resolve the issue. For Sonus SBC SWe Lite versions 7.0.x up to Build 140, update to a version later than Build 140 to resolve the issue.