In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path <device-ip-or-hostname>/adm/syscmd.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cambiumnetworks cnpilot_r190v_firmware |
||
cambiumnetworks cnpilot_e410_firmware |
||
cambiumnetworks cnpilot_r190n_firmware |
||
cambiumnetworks cnpilot_e400_firmware |
||
cambiumnetworks cnpilot_e600_firmware |