Description
The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connected to the device to access and download any file found in the web root directory.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
https://kb.cert.org/vuls/id/719689/
Scores
CVSS v3
5.5
EPSS
0.0036
EPSS Percentile
28.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-284
Status
published
Products (1)
cobham/explorer_710_firmware
1.07
Published
Oct 10, 2019
Tracked Since
Feb 18, 2026