6 matches found
EUVD-2017-14363
Malware in sbrugna...
CVE-2017-5255
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user including the otherwise low-privilege readonly user to inject shell meta-characters as part of a specially-crafted POST request...
Design/Logic Flaw
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user including the otherwise low-privilege readonly user to inject shell meta-characters as part of a specially-crafted POST request...
CVE-2017-5255
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user including the otherwise low-privilege readonly user to inject shell meta-characters as part of a specially-crafted POST request...
Improper access control
An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow access to sensitive...
CVE-2017-7918
CVE-2017-7918 describes an improper access control issue in Cambium Networks ePMP. After a valid user exports SNMP configuration, an attacker can remotely trigger device configuration backups via specific MIBs, and those backups may expose sensitive information or permit configuration changes. Th...