Vulnerability Details CVE-2019-15652
The web interface for NSSLGlobal SatLink VSAT Modem Unit (VMU) devices before 18.1.0 doesn't properly sanitize input for error messages, leading to the ability to inject client-side code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.5%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2019-15652-satlink-vsat-vulnerabilities/
- https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=26455
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2019-15652-satlink-vsat-vulnerabilities/
- https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=26455
Products affected by CVE-2019-15652
-
cpe:2.3:h:nssglobal:satlink_2000:-
-
cpe:2.3:h:nssglobal:satlink_2900:-
-
cpe:2.3:h:nssglobal:satlink_2910:-
-
cpe:2.3:o:nssglobal:vmu_software:*