Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cambiumnetworks cnpilot r190n firmware vulnerabilities and exploits
(subscribe to this query)
940
VMScore
CVE-2017-5260
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user' account, the configuration file is accessible via direct object reference (...
Cambiumnetworks Cnpilot R190v Firmware
Cambiumnetworks Cnpilot E410 Firmware
Cambiumnetworks Cnpilot R190n Firmware
Cambiumnetworks Cnpilot E400 Firmware
Cambiumnetworks Cnpilot E600 Firmware
940
VMScore
CVE-2017-5259
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/syscmd.asp.
Cambiumnetworks Cnpilot R190v Firmware
Cambiumnetworks Cnpilot E410 Firmware
Cambiumnetworks Cnpilot R190n Firmware
Cambiumnetworks Cnpilot E400 Firmware
Cambiumnetworks Cnpilot E600 Firmware
810
VMScore
CVE-2017-5262
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID reference.
Cambiumnetworks Cnpilot R190v Firmware
Cambiumnetworks Cnpilot E410 Firmware
Cambiumnetworks Cnpilot R190n Firmware
Cambiumnetworks Cnpilot E400 Firmware
Cambiumnetworks Cnpilot E600 Firmware
481
VMScore
CVE-2017-5263
Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack CSRF controls that can mitigate the effects of CSRF attacks, which are most typically implemented as randomized per-session tokens associated with any web application function, especially destructive ones.
Cambiumnetworks Cnpilot R190v Firmware
Cambiumnetworks Cnpilot E410 Firmware
Cambiumnetworks Cnpilot R190n Firmware
Cambiumnetworks Cnpilot E400 Firmware
Cambiumnetworks Cnpilot E600 Firmware
440
VMScore
CVE-2017-5261
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible to all authenticated users.
Cambiumnetworks Cnpilot R190v Firmware
Cambiumnetworks Cnpilot E410 Firmware
Cambiumnetworks Cnpilot R190n Firmware
Cambiumnetworks Cnpilot E400 Firmware
Cambiumnetworks Cnpilot E600 Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started