CVE-2019-9531

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to a port that can run AT commands

EPSS 2.5%CWE-284

Vexday Risk Score

3Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS —EPSS 2.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

10 out 2019Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454. This could allow an unauthenticated, remote attacker to connect to this port via Telnet and execute 86 Attention (AT) commands, including some that provide unauthenticated, shell-like access to the device.

Produtos afetados

Cobham plc · Explorer 710

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://kb.cert.org/vuls/id/719689/