CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cambium ePMP Force 300-25 version 4.7.0.1 is vulnerable to a code injection vulnerability that could allow an attacker to perform remote code execution and gain root privileges...

7.8CVSS8.2AI score0.0015EPSS

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•230 views

Cambium EPMP 1000 Account Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium ePMP 1000 Account Password Reset', 'Description' = % This module exploits an access control vulnerability in Cambium ePMP device manageme...

9CVSS7.1AI score0.67592EPSS

Exploits2

Packet Storm•added 2024/09/01 12:0 a.m.•177 views

Cambium EPMP 1000 Get_chart Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP 1000 'getchart' Command Injection v3.1-3.5-RC7", 'Description' = % This module exploits an OS Command Injection vulnerability in...

9CVSS7AI score0.71417EPSS

Exploits7

Packet Storm•added 2024/09/01 12:0 a.m.•142 views

Cambium EPMP 1000 Ping Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP 1000 'ping' Command Injection up to v2.5", 'Description' = % This module exploits an OS Command Injection vulnerability in Cambium...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•177 views

Cambium EPMP 1000 Login Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium ePMP 1000 Login Scanner', 'Description' = % This module scans for Cambium ePMP 1000 management login portals, and attempts to identify...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•155 views

Cambium EPMP 1000 Ping Password Hash Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP 1000 'ping' Password Hash Extractor up to v2.5", 'Description' = % This module exploits an OS Command Injection vulnerability in...

7.4AI score

Exploits0

Packet Storm•added 2024/08/31 12:0 a.m.•336 views

Cambium EPMP 1000 SNMP Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium ePMP 1000 SNMP Enumeration', 'Description' = % Cambium devices ePMP, PMP, Force, & others can be administered using SNMP. The device...

7.6CVSS7AI score0.42228EPSS

Exploits2

NVD•added 2023/12/18 6:15 p.m.•8 views

CVE-2023-6691

Cambium ePMP Force 300-25 version 4.7.0.1 is vulnerable to a code injection vulnerability that could allow an attacker to perform remote code execution and gain root privileges...

7.8CVSS0.0015EPSS

Exploits0References1

Prion•added 2023/12/18 6:15 p.m.•10 views

Code injection

Cambium ePMP Force 300-25 version 4.7.0.1 is vulnerable to a code injection vulnerability that could allow an attacker to perform remote code execution and gain root privileges...

4.3CVSS8.4AI score0.0015EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/12/18 5:52 p.m.•16 views

CVE-2023-6691 Code Injection vulnerability in Cambium ePMP Force 300-25

Cambium ePMP Force 300-25 version 4.7.0.1 is vulnerable to a code injection vulnerability that could allow an attacker to perform remote code execution and gain root privileges...

7.8CVSS8.3AI score0.0015EPSS

Exploits0References1

CVE•added 2023/12/18 5:52 p.m.•45 views

CVE-2023-6691

Cambium ePMP Force 300-25, version 4.7.0.1, is affected by CVE-2023-6691 due to a code injection vulnerability (CWE-94) that could enable code execution with root privileges. The issue is reported as a local vulnerability (not exploitable remotely per CISA update history), with a CVSS v3.1 base s...

7.8CVSS8AI score0.0015EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/12/18 12:0 a.m.•1 views

Cambium Networks ePMP Force 300-25 Code Injection Vulnerability

The Cambium Networks ePMP Force 300-25 is a high gain radio from Cambium Networks, USA. A security vulnerability exists in the Cambium Networks ePMP Force 300-25 version 4.7.0.1 that stems from the presence of a code injection vulnerability...

7.8CVSS7.5AI score0.0015EPSS

Exploits0References2

Positive Technologies•added 2023/12/18 12:0 a.m.•2 views

PT-2023-32742 · Cambium · Cambium Epmp Force 300-25

Name of the Vulnerable Software and Affected Versions: Cambium ePMP Force 300-25 version 4.7.0.1 Description: The issue is a code injection vulnerability that could allow an attacker to perform remote code execution and gain root privileges. Recommendations: For Cambium ePMP Force 300-25 version...

7.8CVSS7.9AI score0.0015EPSS

Exploits0References5

CISA•added 2023/12/14 12:0 p.m.•6 views

CISA Releases Seventeen Industrial Control Systems Advisories

CISA released seventeen Industrial Control Systems ICS advisories on December 14, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-348-01 Cambium ePMP 5GHz Force 300-25 Radio ICSA-23-348-02 Johnson Controls...

7AI score

Exploits0References17

ICS•added 2023/12/14 7:0 a.m.•37 views

Cambium ePMP 5GHz Force 300-25 Radio (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Cambium Equipment : ePMP Force 300-25 Vulnerability : Code Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform code execution on the affected product...

7.8CVSS8AI score0.0015EPSS

Exploits0References8