Design/Logic Flaw

2017-12-2022:29:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

High

0.903 High

EPSS

Percentile

98.8%

JSON

In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users ‘installer’ and ‘home’ have the capability of changing passwords for other accounts, including admin, after disabling a client-side protection mechanism.

CPENameOperatorVersion
epmp_1000_firmwarele3.5
epmp_2000_firmwarele3.5

CPE	Name	Operator	Version
	epmp_1000_firmware	le	3.5
	epmp_2000_firmware	le	3.5

References

blog.rapid7.com/2017/12/19/r7-2017-25-cambium-epmp-and-cnpilot-multiple-vulnerabilities/