Navbox Firmware
Monthly
Hard-coded credentials embedded in NAVTOR NavBox's Windows Communication Foundation (SOAP) implementation allow a local low-privileged attacker to extract static credentials and authenticate against privileged WCF methods, enabling arbitrary file write or overwrite within application-defined paths. All NavBox versions through 4.16.1.20 are affected when the SOAP interface is enabled. CISA ICS-CERT has issued advisory ICSA-26-155-01 for this OT/maritime navigation product; no public exploit has been identified at time of analysis, though the ICS context elevates operational safety concern.
Navtor NavBox devices allow unauthenticated remote attackers to retrieve sensitive operational data including ECDIS information, device identifiers, and service logs by sending HTTP requests to the unprotected API on port 8080. An attacker with network access can obtain this configuration and system information without any credentials, potentially facilitating further attacks against maritime navigation systems. No patch is currently available for this vulnerability.
Navtor NavBox exposes an unauthenticated path traversal vulnerability in its HTTP service that allows remote attackers to read arbitrary files from the server by submitting requests with absolute filesystem paths. Successful exploitation enables unauthorized disclosure of sensitive configuration files and system information, limited only by the service process privileges. No patch is currently available.
The /api/ais-data endpoint in Navtor NavBox leaks sensitive information through unhandled exception error messages, allowing unauthenticated remote attackers to obtain verbose .NET stack traces containing internal class names, method calls, and library dependencies. This information disclosure (CWE-209) enables attackers to map the application's internal structure and identify potential attack vectors. No patch is currently available for this medium-severity vulnerability affecting .NET implementations.
Hard-coded credentials embedded in NAVTOR NavBox's Windows Communication Foundation (SOAP) implementation allow a local low-privileged attacker to extract static credentials and authenticate against privileged WCF methods, enabling arbitrary file write or overwrite within application-defined paths. All NavBox versions through 4.16.1.20 are affected when the SOAP interface is enabled. CISA ICS-CERT has issued advisory ICSA-26-155-01 for this OT/maritime navigation product; no public exploit has been identified at time of analysis, though the ICS context elevates operational safety concern.
Navtor NavBox devices allow unauthenticated remote attackers to retrieve sensitive operational data including ECDIS information, device identifiers, and service logs by sending HTTP requests to the unprotected API on port 8080. An attacker with network access can obtain this configuration and system information without any credentials, potentially facilitating further attacks against maritime navigation systems. No patch is currently available for this vulnerability.
Navtor NavBox exposes an unauthenticated path traversal vulnerability in its HTTP service that allows remote attackers to read arbitrary files from the server by submitting requests with absolute filesystem paths. Successful exploitation enables unauthorized disclosure of sensitive configuration files and system information, limited only by the service process privileges. No patch is currently available.
The /api/ais-data endpoint in Navtor NavBox leaks sensitive information through unhandled exception error messages, allowing unauthenticated remote attackers to obtain verbose .NET stack traces containing internal class names, method calls, and library dependencies. This information disclosure (CWE-209) enables attackers to map the application's internal structure and identify potential attack vectors. No patch is currently available for this medium-severity vulnerability affecting .NET implementations.