22 matches found
EUVD-2025-206089
Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fwurl' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands...
EUVD-2025-206080
Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices...
CVE-2021-47745
Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fwurl' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands...
CVE-2021-47745 Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection via Firmware Upgrade
Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fwurl' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands...
CVE-2021-47744 Cypress Solutions CTM-200/CTM-ONE 1.3.6 Hard-coded Credentials Remote Root
Cypress Solutions CTM-200/CTM-ONE 1.3.6 contains hard-coded credentials vulnerability in Linux distribution that exposes root access. Attackers can exploit the static 'Chameleon' password to gain remote root access via Telnet or SSH on affected devices...
PT-2025-54426
Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the 'fw url' parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary command...
PT-2025-54425
Name of the Vulnerable Software and Affected Versions Cypress Solutions CTM-200/CTM-ONE version 1.3.6 Description The software contains a hard-coded credential issue in its Linux distribution, exposing root access. An attacker can exploit the static password 'Chameleon' to gain remote root access...
CVE-2023-47415
Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...
CVE-2023-47415
Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...
CVE-2023-47415
Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...
Command injection
Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...
Cypress Solutions CTM-200 Security Vulnerability
The Cypress Solutions CTM-200 is a wireless gateway from Cypress Solutions. A security vulnerability exists in Cypress Solutions CTM-200 v2.7.1.5600 and earlier versions that stems from an operating system command injection vulnerability via the clitext parameter...
CVE-2023-47415
Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...
CVE-2023-47415
Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the clitext parameter...
CVE-2023-47415
CVE-2023-47415 affects Cypress Solutions CTM-200, specifically versions 2.7.1.5600 and earlier. A OS command injection vulnerability has been reported via the cli_text parameter, enabling an attacker to inject and execute commands with high integrity impact (I: HIGH) while effects on confidential...
Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection
Exploit Title: Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Vendor: Cypress Solutions Inc. Product web page:...
Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root (Telnet/SSH)
Exploit Title: Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root Telnet/SSH Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca !/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor:...
Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Exploit
Cypress Solutions CTM-200 wireless gateway version 2.7.1 suffers from an authenticated semi-blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'ctm-config-upgrade.sh' script leveraging the 'fwurl' POST...
Cypress Solutions CTM-200/CTM-ONE Hard-Coded Credentials Remote Root
!/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: CTM-ONE 1.3.6-latest CTM-ONE 1.3.1 CTM-ONE 1.1.9 CTM200 2.7.1.5659-latest CTM200 2.0.5.3356-184 Summar...
Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection
Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: 2.7.1.5659 2.0.5.3356-184 Summary: CTM-200 is the industrial cellular wireless gateway for fixed and mobile applications. The CTM-200 is a...