Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.242 views

Cambium EPMP 1000 Account Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium ePMP 1000 Account Password Reset', 'Description' = % This module exploits an access control vulnerability in Cambium ePMP device manageme...

9CVSS7.1AI score0.53704EPSS
Exploits2
Circl
Circl
added 2018/05/29 3:50 p.m.8 views

CVE-2017-5254

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/epmp1000resetpass.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:57+00:00| seen|...

9CVSS7.7AI score0.53704EPSS
Exploits2References1
CVE
CVE
added 2017/12/20 10:0 p.m.53 views

CVE-2017-5254

CVE-2017-5254 affects Cambium Networks ePMP firmware 3.5 and earlier. The issue lets non-administrative users labeled installer/home change passwords of other accounts (including admin) after bypassing a client-side protection mechanism, enabling privilege elevation. Documented impact is high (pa...

9CVSS8.6AI score0.53704EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2017/12/20 10:0 p.m.16 views

CVE-2017-5254

In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for other accounts, including admin, after disabling a client-side protection mechanism...

8.8AI score0.53704EPSS
Exploits2References1
Rows per page
Query Builder