4 matches found
Cambium EPMP 1000 Account Password Reset
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium ePMP 1000 Account Password Reset', 'Description' = % This module exploits an access control vulnerability in Cambium ePMP device manageme...
CVE-2017-5254
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/epmp1000resetpass.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:57+00:00| seen|...
CVE-2017-5254
CVE-2017-5254 affects Cambium Networks ePMP firmware 3.5 and earlier. The issue lets non-administrative users labeled installer/home change passwords of other accounts (including admin) after bypassing a client-side protection mechanism, enabling privilege elevation. Documented impact is high (pa...
CVE-2017-5254
In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for other accounts, including admin, after disabling a client-side protection mechanism...