CVE-2018-5266

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI. NOTE: default passwords for the standard usernames are listed in the product's documentation: Dealer with password seatel3, SysAdmin with password seatel2, and User with password seatel1.
Severity
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Atk. Vector
NETWORK
Atk. Complexity
LOW
Priv. Required
NONE
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Common Weakness Enumeration
References
http://misteralfa-hack.blogspot.cl/2018/01/seatelcobham-terminales-satelitales.html
http://misteralfa-hack.blogspot.cl/2018/01/seatelcobham-terminales-satelitales.html