CVE-2023-44854

Name of the Vulnerable Software and Affected Versions Cobham SAILOR VSAT Ku version 164B019

Description The issue is related to a Cross Site Scripting (XSS) vulnerability, which allows a remote attacker to execute arbitrary code via a crafted script to the c set rslog decode function in the acu web file. This can potentially lead to the execution of malicious scripts.

Recommendations For Cobham SAILOR VSAT Ku version 164B019, as a temporary workaround, consider disabling the c set rslog decode function in the acu web file until a patch is available. Restrict access to the acu web file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.