PT-2019-19687 · Cobham · Cobham Explorer 710

David Belasco

Published

2019-10-10

Updated

2021-10-26

CVE-2019-9530

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Cobham EXPLORER 710 firmware version 1.07

Description The issue concerns the lack of access restrictions on the web root directory, allowing an unauthenticated, local attacker connected to the device to access and download any file found in this directory.

Recommendations For firmware version 1.07, restrict access to the web root directory to prevent unauthorized file downloads.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2019-9530

Affected Products

Cobham Explorer 710

PT-2019-19687 · Cobham · Cobham Explorer 710

CVE-2019-9530

Weakness Enumeration

Related Identifiers

Affected Products

References · 3