Cambium EPMP 1000 Get_chart Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP 1000 'getchart' Command Injection v3.1-3.5-RC7", 'Description' = % This module exploits an OS Command Injection vulnerability in...

Cambium ePMP1000 - 'get_chart' Shell via Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP1000 'getchart' Shell via Command Injection v3.1-3.5-RC7", 'Description' = % This module exploits an OS Command Injection vulnerabilit...

Cambium Networks ePMP Command Injection Vulnerability

Cambium Networks ePMP is a suite of wireless network access platforms from Cambium Networks, USA. The platform provides video surveillance, Wi-Fi hotspot and sensor connectivity. A security vulnerability exists in Cambium Networks ePMP using firmware version 3.5 and prior, which stems from the We...

CVE-2017-5255

In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user including the otherwise low-privilege readonly user to inject shell meta-characters as part of a specially-crafted POST request...