EUVD-2025-206089

Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fwurl' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands...

CVE-2021-47745

Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fwurl' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands...

CVE-2021-47744

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains a hard-coded credentials issue in its Linux distribution, exposing remote root access via the static password 'Chameleon' over Telnet or SSH. Public sources note potential remote root compromise for affected devices; CVSS metrics in the entry indic...

CVE-2021-47744 Cypress Solutions CTM-200/CTM-ONE 1.3.6 Hard-coded Credentials Remote Root

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices...

CVE-2021-47745 Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection via Firmware Upgrade

Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fwurl' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands...

CVE-2021-47745

CVE-2021-47745 affects Cypress Solutions CTM-200 firmware 2.7.1. The authenticated command injection occurs in the firmware upgrade script via the fw_url parameter in ctm-config-upgrade.sh, allowing a remote attacker to inject and execute arbitrary commands with root privileges. CVSS metrics indi...

CVE-2021-47744 Cypress Solutions CTM-200/CTM-ONE 1.3.6 Hard-coded Credentials Remote Root

Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices...

PT-2025-54426

Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fw url' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary command...

Cypress Solutions CTM-200 操作系统命令注入漏洞

The Cypress Solutions CTM-200 is a wireless gateway from Cypress Solutions. An operating system command injection vulnerability exists in the Cypress Solutions CTM-200 version 2.7.1, which stems from an authenticated command injection in the fwurl parameter of the firmware upgrade script, which...

CVE-2023-47415

Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...

CVE-2023-47415

Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...

Command injection

Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...

PT-2024-13448 · Cypress Solutions · Ctm-200

Name of the Vulnerable Software and Affected Versions: Cypress Solutions CTM-200 versions 2.7.1.5600 and below Description: The issue is related to an OS command injection vulnerability. This vulnerability can be exploited via the cli text parameter. Recommendations: For versions 2.7.1.5600 and...

CVE-2023-47415

CVE-2023-47415 affects Cypress Solutions CTM-200, specifically versions 2.7.1.5600 and earlier. A OS command injection vulnerability has been reported via the cli_text parameter, enabling an attacker to inject and execute commands with high integrity impact (I: HIGH) while effects on confidential...

CVE-2023-47415

Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...

Cypress Solutions CTM-200 Security Vulnerability

The Cypress Solutions CTM-200 is a wireless gateway from Cypress Solutions. A security vulnerability exists in Cypress Solutions CTM-200 v2.7.1.5600 and earlier versions that stems from an operating system command injection vulnerability via the clitext parameter...

Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection

Exploit Title: Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Vendor: Cypress Solutions Inc. Product web page:...

Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root (Telnet/SSH)

Exploit Title: Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root Telnet/SSH Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca !/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor:...

Cypress Solutions CTM-200/CTM-ONE Hard-Coded Credentials Remote Root Exploit

Cypress Solutions CTM-200/CTM-ONE suffers from a hard-coded credential remote root vulnerability via telnet and ssh. !/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca...

Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Exploit

Cypress Solutions CTM-200 wireless gateway version 2.7.1 suffers from an authenticated semi-blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'ctm-config-upgrade.sh' script leveraging the 'fwurl' POST...