Cobham EXPLORER 710 Firmware 1.07
Approved changes feed: RSS · Atom
cpe:2.3:o:cobham:explorer_710_firmware:1.07:*:*:*:*:*:*:*
part: o version: 1.07 update: *
| Vendor | Cobham (512d488f-9e86-55c1-97a5-a68c12c2142b) |
|---|---|
| Product | Explorer 710 Firmware (d6fe5beb-13c6-57ff-b966-b7abf0c9a459) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-9534 |
vulnerable | 2026-06-03 14:40:49.330823 |
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development scripts left in the firmware can be used to upload a custom firmware image that the device runs. This could allow an unauthenticated, local attacker to upload their own firmware that could be used to intercept or modify traffic, spoof or intercept GPS traffic, exfiltrate private data, hide a backdoor, or cause a denial-of-service.
Published: 2019-10-10T20:09:47.814Z
Updated: 2024-09-17T00:15:54.409Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-9533 |
vulnerable | 2026-06-03 14:40:49.330493 |
The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08
The root password of the Cobham EXPLORER 710 is the same for all versions of firmware up to and including v1.08. This could allow an attacker to reverse-engineer the password from available versions to gain authenticated access to the device.
Published: 2019-10-10T20:09:47.781Z
Updated: 2024-09-16T16:28:25.213Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-9532 |
vulnerable | 2026-06-03 14:40:49.330172 |
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local attacker to intercept the password and gain access to the portal.
Published: 2019-10-10T20:09:47.739Z
Updated: 2024-09-16T19:30:16.862Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-9531 |
vulnerable | 2026-06-03 14:40:49.329840 |
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to a port that can run AT commands
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454. This could allow an unauthenticated, remote attacker to connect to this port via Telnet and execute 86 Attention (AT) commands, including some that provide unauthenticated, shell-like access to the device.
Published: 2019-10-10T20:09:47.705Z
Updated: 2024-09-16T20:02:16.560Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-9530 |
vulnerable | 2026-06-03 14:40:49.329487 |
The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files
The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connected to the device to access and download any file found in the web root directory.
Published: 2019-10-10T20:09:47.669Z
Updated: 2024-09-16T17:14:11.909Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-9529 |
vulnerable | 2026-06-03 14:40:49.328516 |
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default. This could allow an unauthenticated, local attacker connected to the device to access the portal and to make any change to the device.
Published: 2019-10-10T20:09:47.632Z
Updated: 2024-09-16T20:07:10.559Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.