85 matches found
Command injection
UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with admin user privileges via an escape from a restricted command...
CVE-2020-25035
UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with root privileges using chrootholeclient's PHP call, a related issue to CVE-2017-11322...
CVE-2020-25035
CVE-2020-25035 affects UCOPIA Wireless Appliance; the vulnerability lies in the chroothole_client executable, where a dollar-sign metacharacter in the argument can lead to root code execution . Related entries (e.g., CVE-2017-11322) describe remote privilege escalation via the same component befo...
CVE-2020-25036
UCOPIA Wi-Fi appliances 6.0.5 allow authenticated remote attackers to escape the restricted administration shell CLI, and access a shell with admin user rights, via an unprotected less command...
CVE-2020-25036
CVE-2020-25036 affects UCOPIA Wi‑Fi appliances 6.0.5. An authenticated attacker can escape the restricted administration shell (CLI) and obtain a shell with admin rights via an unprotected less command. The available documents do not specify a patch/version to remediate or details about in‑the‑wi...
CVE-2020-25037
CVE-2020-25037 affects UCOPIA Wi‑Fi appliances 6.0.5, where an escape from a restricted command allows arbitrary code execution with admin privileges. The underlying cause is a command‑injection style path enabling elevation to admin level. Exploitation status is not detailed in the provided docu...
CVE-2020-25037
UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with admin user privileges via an escape from a restricted command...
UCOPIA Wi-Fi appliances OS Command Injection Vulnerability
A security vulnerability exists in Ucopia Express 6.0.5 that allows an authenticated, remote attacker to escape the restricted administrative shell CLI and access a shell with admin user privileges via unprotected less commands...
Ucopia Express License Issues Vulnerability
Ucopia Express is a device used to manage Wifi used by the French company Ucopia. A security vulnerability exists in Ucopia Express 6.0.5 that allows the use of chroothole client PHP calls to execute arbitrary code with root privileges...
UCOPIA Wi-Fi appliances code issue vulnerability
Ucopia Express is a device used to manage Wifi used by the French company Ucopia. A security vulnerability exists in Ucopia Express 6.0.5 that allows execution of arbitrary code with admin user privileges to exit restricted commands via escape...
CVE-2018-15481
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges by adding a LocalCommand to the SSH configuration file in...
CVE-2018-15481
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges by adding a LocalCommand to the SSH configuration file in...
Input validation
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges by adding a LocalCommand to the SSH configuration file in...
CVE-2018-15481
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges by adding a LocalCommand to the SSH configuration file in...
CVE-2018-15481
CVE-2018-15481 affects UCOPIA Wireless Appliance devices running firmware 5.1.x before 5.1.13. The vulnerability is due to improper input sanitization in the restricted administration shell, enabling authenticated remote attackers to escape the shell and escalate privileges by adding a LocalComma...
UCOPIA Wireless Appliance Privilege Mobilization Vulnerability (CNVD-2018-11049)
The UCOPIA Wireless Appliance is a wireless device from the French company UCOPIA. A security vulnerability exists in the restricted shell interface of the UCOPIA Wireless Appliance in versions prior to 5.1.8. A remote attacker can exploit the vulnerability to gain 'admin' privileges via shell...
UCOPIA Wireless Appliance Elevation of Privilege Vulnerability
The UCOPIA Wireless Appliance is a wireless device from the French company UCOPIA. A security vulnerability exists in the chrootholeclient executable file in the UCOPIA Wireless Appliance versions prior to 5.1.8. A remote attacker can exploit this vulnerability by sending parameters with the '$'...
UCOPIA Wireless Appliance Elevation of Privilege Vulnerability
The UCOPIA Wireless Appliance is a wireless device from the French company UCOPIA. A security vulnerability exists in the restricted administration shell in the UCOPIA Wireless Appliance versions prior to 4.4.20, 5.0.x versions prior to 5.0.19, and 5.1.x versions prior to 5.1.11, which stems from...
Input validation
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices before 4.4.20, 5.0.x before 5.0.19, and 5.1.x before 5.1.11 allows authenticated remote attackers to escape the shell and escalate their privileges by uploading a .bashrc file containing th...
CVE-2017-17743
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices before 4.4.20, 5.0.x before 5.0.19, and 5.1.x before 5.1.11 allows authenticated remote attackers to escape the shell and escalate their privileges by uploading a .bashrc file containing th...