Skip to content

Instantly share code, notes, and snippets.

@CyberSKR

CyberSKR/CVE-2018-19393.md

Created March 15, 2019 11:45
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
CVE-2018-19393: The Cobham Satcom Sailor 800 and Sailor 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file.
Raw
CVE-2018-19393.md

CVE-2018-19393

Suggested description
The Cobham Satcom Sailor 800 and Sailor 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file. This was exploitable via multiple attack vectors depending on the device's configuration. Further analysis also indicated this vulnerability could be leveraged to achieve a Denial of Service (DoS) condition, where the device would require a factory reset to return to normal operation.

Vulnerability Type
Incorrect Access Control

Vendor of Product
Cobham Satcom

Affected Product Code Base
Sailor 800 - N/A
Sailor 900 - N/A

Reference
https://gist.github.com/CyberSKR/1ade6d887039465d635e27fcbcc817a3
https://cyberskr.com/blog/cobham-satcom-800-900.html

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment