The thraneLINK protocol implementation on Cobham devices does not verify firmware signatures, which allows malicious users to execute arbitrary code by leveraging physical access or terminal access to send an SNMP request and a TFTP response.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cobham ailor_6110_mini-c_gmdss - |
||
cobham sailor_6006_message_terminal - |
||
cobham sailor_6222_vhf - |
||
cobham sailor_6300_mf_\/_hf - |
Vulmon