Lucene search
HistoryDec 18, 2023 - 6:15 p.m.
CVE-2023-6691
cve-2023-6691
cambium epmp
force 300-25
code injection
vulnerability
remote code execution
root privileges
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.9%
Cambium ePMP Force 300-25 version 4.7.0.1 is vulnerable to a code injection vulnerability that could allow an attacker to perform remote code execution and gain root privileges.
Affected configurations
Node
cambiumnetworksepmp_force_300-25Match-
cambiumnetworksepmp_force_300-25_firmwareMatch4.7.0.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| cambiumnetworks:epmp_force_300-25_firmware | cambiumnetworks epmp force 300-25 firmware | eq | 4.7.0.1 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "ePMP Force 300-25",
"vendor": "Cambium ",
"versions": [
{
"status": "affected",
"version": "4.7.0.1"
}
]
}
]Related
nvd
nvd
CVE-2023-6691
2023-12-18 18:15:08
prion
prion
Code injection
2023-12-18 18:15:00
ics
ics
Cambium ePMP 5GHz Force 300-25 Radio (Update A)
2024-01-09 12:00:00
cvelist
cvelist
CVE-2023-6691 Code Injection vulnerability in Cambium ePMP Force 300-25
2023-12-18 17:52:12
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
25.9%
Related for CVE-2023-6691