115 matches found
EUVD-2017-14363
Malware in sbrugna...
EUVD-2017-14362
Malware in sbrugna...
EUVD-2017-14368
Malware in sbrugna...
EUVD-2017-14367
Malware in sbrugna...
EUVD-2017-14935
Malware in sbrugna...
EUVD-2017-14361
Malware in sbrugna...
Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet
Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service DDoS attacks. According to QiAnXin XLab, the attacks have leveraged the security flaw since Jun...
Cambium Networks ePMP Force 300-25 Code Injection Vulnerability
The Cambium Networks ePMP Force 300-25 is a high gain radio from Cambium Networks, USA. A security vulnerability exists in the Cambium Networks ePMP Force 300-25 version 4.7.0.1 that stems from the presence of a code injection vulnerability...
Cambium Networks Enterprise Wi-Fi System Software Security Vulnerability
Cambium Networks Enterprise Wi-Fi System Software is a simple yet sophisticated platform and tool for planning, deploying, and managing networks from Cambium Networks, USA. A security vulnerability exists in Cambium Networks Enterprise Wi-Fi System Software versions prior to 6.4.2 that stems from...
CVE-2022-1362 Cambium Networks cnMaestro OS Command Injection
The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server...
CVE-2022-1362 Cambium Networks cnMaestro OS Command Injection
The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server...
CVE-2022-1361 Cambium Networks cnMaestro SQL Injection
The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user’s accounts and devices...
CVE-2022-1361 Cambium Networks cnMaestro SQL Injection
The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate data about other user’s accounts and devices...
CVE-2022-1360 Cambium Networks cnMaestro OS Command Injection
The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. This could allow a remote attacker to change server configuration settings...
CVE-2022-1359 Cambium Networks cnMaestro Path Traversal
The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route. If an attacker supplied path traversal charters ../ as part of a filename, the server will save the file where the attacker...
CVE-2022-1358 Cambium Networks cnMaestro SQL Injection
The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate and dump all data held in the cnMaestro database...
CVE-2022-1358 Cambium Networks cnMaestro SQL Injection
The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate and dump all data held in the cnMaestro database...
CVE-2022-1356 Cambium Networks cnMaestro use of Potentially Dangerous Function
cnMaestro is vulnerable to a local privilege escalation. By default, a user does not have root privileges. However, a user can run scripts as sudo, which could allow an attacker to gain root privileges when running user scripts outside allowed commands...
CVE-2022-1357 Cambium Networks cnMaestro OS Command Injection
The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. This lack of validation could allow an attacker to append arbitrary data to the logger command...
CVE-2022-1357 Cambium Networks cnMaestro OS Command Injection
The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. This lack of validation could allow an attacker to append arbitrary data to the logger command...