Overview
- Description
- The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connected to the device to access and download any file found in the web root directory.
- Source
- cret@cert.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.9
- Impact score
- 6.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
- cret@cert.org
- CWE-284
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cobham:explorer_710_firmware:1.07:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADA493F5-3AA0-4A1E-81CD-1AE01B9BD4D8"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cobham:explorer_710:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DEF6DB4B-2304-4E4C-92A1-BAF622E39BF1"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]