The web interface for NSSLGlobal SatLink VSAT Modem Unit (VMU) devices before 18.1.0 doesn't properly sanitize input for error messages, leading to the ability to inject client-side code.
References
Link | Resource |
---|---|
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2019-15652-satlink-vsat-vulnerabilities/ | Third Party Advisory |
https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=26455 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-11-22T17:23:24
Updated: 2019-11-22T17:24:46
Reserved: 2019-08-26T00:00:00
Link: CVE-2019-15652
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-11-22T18:15:10.843
Modified: 2019-12-04T14:49:26.060
Link: CVE-2019-15652
JSON object: View
Redhat Information
No data.
CWE