Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cambiumnetworks epmp 2000 firmware vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-5254
In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for other accounts, including admin, after disabling a client-side protection mechanism.
Cambiumnetworks Epmp 1000 Firmware
Cambiumnetworks Epmp 2000 Firmware
5.4
CVSSv3
CVE-2017-5258
In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or can guess the RW community string can provide a URL for a configuration file over SNMP with XSS strings in certain SNMP OIDs, serve it via HTTP, and the affected device will perform a configurati...
Cambiumnetworks Epmp 1000 Firmware
Cambiumnetworks Epmp 2000 Firmware
5.4
CVSSv3
CVE-2017-5256
In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in the web administration console, and those fields are vulnerable to persistent cross-site scripting (XSS) injection.
Cambiumnetworks Epmp 1000 Firmware
Cambiumnetworks Epmp 2000 Firmware
8.8
CVSSv3
CVE-2017-5255
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-characters as part of a specially-c...
Cambiumnetworks Epmp 1000 Firmware
Cambiumnetworks Epmp 2000 Firmware
1 EDB exploit
5.4
CVSSv3
CVE-2017-5257
In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows (or guesses) the SNMP read/write (RW) community string can insert XSS strings in certain SNMP OIDs which will execute in the context of the currently-logged on user.
Cambiumnetworks Epmp 1000 Firmware
Cambiumnetworks Epmp 2000 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started