Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
CVE-2018-19393: The Cobham Satcom Sailor 800 and Sailor 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file.

CVE-2018-19393

Suggested description
The Cobham Satcom Sailor 800 and Sailor 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file. This was exploitable via multiple attack vectors depending on the device's configuration. Further analysis also indicated this vulnerability could be leveraged to achieve a Denial of Service (DoS) condition, where the device would require a factory reset to return to normal operation.


Vulnerability Type
Incorrect Access Control


Vendor of Product
Cobham Satcom


Affected Product Code Base
Sailor 800 - N/A
Sailor 900 - N/A


Reference
https://gist.github.com/CyberSKR/1ade6d887039465d635e27fcbcc817a3
https://cyberskr.com/blog/cobham-satcom-800-900.html

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.