CVE-2018-5266
Last modified
CVE-2018-5266 is a vulnerability of currently unknown severity. Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with password seatel3, SysAdmin with password seatel2, and User with password seatel1.. EPSS estimates a 2.02% chance of exploitation in the next 30 days.
Description
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with password seatel3, SysAdmin with password seatel2, and User with password seatel1.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cobham | Sea Tel 121 Firmware | 222701 |
References
- http://misteralfa-hack.blogspot.cl/2018/01/seatelcobham-terminales-satelitales.htmlExploit, Third Party Advisory
- http://misteralfa-hack.blogspot.cl/2018/01/seatelcobham-terminales-satelitales.htmlExploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-5266?
How severe is CVE-2018-5266?
How do I fix CVE-2018-5266?
Are you affected by CVE-2018-5266?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST