CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-44856

Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the rstat, sender, and recipients' parameters of the sub_21D24 function in the acu_web file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.4%

CVSS Severity

CVSS v3 Score 6.1

References

https://pine-amphibian-9b9.notion.site/ENG-SAILOR-Ku-Software-XSS-Statistics-report-e97364c9d09449cf8869417e7187e997
https://pine-amphibian-9b9.notion.site/ENG-SAILOR-Ku-Software-XSS-Statistics-report-e97364c9d09449cf8869417e7187e997

Products affected by CVE-2023-44856

Cobham » Sailor 600 Vsat Ku » Version: N/A

cpe:2.3:h:cobham:sailor_600_vsat_ku:-
Cobham » Sailor 600 Vsat Ku Firmware » Version: 164_build019

cpe:2.3:o:cobham:sailor_600_vsat_ku_firmware:164_build019

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-44856

Products

Pricing

Contact Us