Lucene search

K
cvelistRapid7CVELIST:CVE-2017-5259
HistoryDec 20, 2017 - 10:00 p.m.

CVE-2017-5259

2017-12-2022:00:00
CWE-489
rapid7
www.cve.org

AI Score

8.8

Confidence

High

EPSS

0.027

Percentile

90.6%

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/syscmd.asp.

CNA Affected

[
  {
    "product": "cnPilot",
    "vendor": "Cambium Networks",
    "versions": [
      {
        "status": "affected",
        "version": "4.3.2-R4 and prior"
      }
    ]
  }
]

AI Score

8.8

Confidence

High

EPSS

0.027

Percentile

90.6%

Related for CVELIST:CVE-2017-5259