CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-44855

Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019 allows a remote attacker to execute arbitrary code via a crafted script to the rdiag, sender, and recipients parameters of the sub_219C4 function in the acu_web file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.3%

CVSS Severity

CVSS v3 Score 6.5

References

https://pine-amphibian-9b9.notion.site/ENG-SAILOR-Ku-Software-XSS-Diagnostics-report-019462dcebf6428da34dd7daee21583b
https://pine-amphibian-9b9.notion.site/ENG-SAILOR-Ku-Software-XSS-Diagnostics-report-019462dcebf6428da34dd7daee21583b

Products affected by CVE-2023-44855

Cobham » Sailor 600 Vsat Ku » Version: N/A

cpe:2.3:h:cobham:sailor_600_vsat_ku:-
Cobham » Sailor 600 Vsat Ku Firmware » Version: 164_build019

cpe:2.3:o:cobham:sailor_600_vsat_ku_firmware:164_build019

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-44855

Products

Pricing

Contact Us