Design/Logic Flaw

2017-12-2022:29:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.6%

JSON

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the ‘user’ account, the configuration file is accessible via direct object reference (DRO) at http://<device-ip-or-hostname>/goform/down_cfg_file by this otherwise low privilege ‘user’ account.

CPENameOperatorVersion
cnpilot_e400_firmwareeq<= 4.3.2-r4
cnpilot_e410_firmwareeq<= 4.3.2-r4
cnpilot_e600_firmwareeq<= 4.3.2-r4
cnpilot_r190n_firmwareeq<= 4.3.2-r4
cnpilot_r190v_firmwareeq<= 4.3.2-r4

Name	Operator	Version
cnpilot_e400_firmware	eq	<= 4.3.2-r4
cnpilot_e410_firmware	eq	<= 4.3.2-r4
cnpilot_e600_firmware	eq	<= 4.3.2-r4
cnpilot_r190n_firmware	eq	<= 4.3.2-r4
cnpilot_r190v_firmware	eq	<= 4.3.2-r4