Security researchers have divulged two vulnerabilities in the SatLink 2000 VSAT modem that could enable hackers to carry out cross-site scripting attacks and sniff sensitive data traversing the modem.
VSAT modems are hardware devices typically found in offshore environments or remote areas where satellite communications are necessary for Internet access.
According to Trustwave SpiderLabs security researcher Robert Foggia, the first vulnerability is a reflected Cross-site Scripting issue that affects SatLink 2000, SatLink 2900, and SatLink 2910 running the VMU software version prior to 18.1.0.
Foggia said that the web interface didn't properly sanitise input for error messages, which allowed the ability to inject arbitrary client-side code. This vulnerability has been assigned CVE-2019-15652.
The second issue he discovered was that the device only supported insecure protocols such as HTTP and Telnet.
"These cleartext protocols would allow an attacker to sniff for credentials or other sensitive information over the wire, insert unintended data, or hijack entire management sessions," he said.
The flaws were discovered in May this year, but can now only be revealed now that SatLink has recently released firmware updates based on issues disclosed to them.
"SatLink was very communicative with us during the responsible disclosure process, which is rare in my experience. While they were unable to produce a fix within the 90-day deadline outlined by our policy, just by being responsive with regular updates allowed us to provide the flexibility necessary for a patch to be released," he said.
"When your end goal is to make things more secure, publicly releasing vulnerability details when ..
Support the originator by clicking the read the rest link below.
