Cobham Satcom Sailor 800 / 900 VSAT Vulnerabilities

The CyberSKR Maritime Security Team recently identified multiple vulenerabilities in Cobham Satcom products, specifically the Sailor 800 / 900 VSAT systems (version(s) N/A).

The vendor’s response was excellent, and we were put in contact with a senior member of the company almost immediately, who was able to action the information we provided them with in a very timely manner.

Vulnerability Overview – Cobham Satcom Sailor 800 / 900
  • Arbitrary Configuration File Modification (Multiple Vectors, Potential For Denial of Service)
  • Persistent Cross Site Scripting (XSS)

CVE-2018-19393: Sailor 800 / 900 Arbitrary Configuration Modification

A vulnerability was identified in the Cobham Satcom Sailor 800 / 900 VSAT systems, which could allow a threat actor to modify the device's configuration file. This includes inserting their own entries, or overriding current ones.

Utilising the same attack vector, a further payload was also identified that led to a Denial of Service (DoS) condition, wherein the system became fully unresponsive and required resetting before normal operation could resume.

Further details & PoC withheld until later date

CVE-2018-19394: Sailor 800 / 900 Persistent XSS

The Cobham Satcom Sailor 800 / 900 devices were vulnerable to persistent XSS via inserting JavaScript payload into a field in the configuration file and then restoring the malicious configuration file via the web application's functionality. The impact for this vulnerability is low as full administrative access (other than in specific circumstances due to low security configuration) was required to restore the configuration file.

This website uses cookies