Skip to main content

Cnpilot E400 Firmware

5 CVEs product

Monthly

CVE-2017-5263 HIGH This Week

Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack CSRF controls that can mitigate the effects of CSRF attacks, which are most typically implemented as randomized per-session. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

CSRF Cnpilot R190V Firmware Cnpilot E410 Firmware Cnpilot R190N Firmware Cnpilot E400 Firmware +1
NVD
CVSS 3.0
8.0
EPSS
0.0%
CVE-2017-5262 HIGH POC This Week

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID reference. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cnpilot R190V Firmware Cnpilot E410 Firmware Cnpilot R190N Firmware Cnpilot E400 Firmware +1
NVD
CVSS 3.0
8.0
EPSS
7.8%
CVE-2017-5261 HIGH POC THREAT Act Now

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 24.1%.

Path Traversal Cnpilot R190V Firmware Cnpilot E410 Firmware Cnpilot R190N Firmware Cnpilot E400 Firmware +1
NVD
CVSS 3.0
8.8
EPSS
24.1%
Threat
4.0
CVE-2017-5260 HIGH POC THREAT Act Now

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 33.4%.

Information Disclosure Cnpilot R190V Firmware Cnpilot E410 Firmware Cnpilot R190N Firmware Cnpilot E400 Firmware +1
NVD
CVSS 3.0
8.8
EPSS
33.4%
Threat
4.3
CVE-2017-5259 HIGH POC THREAT Act Now

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 66.3%.

Information Disclosure Cnpilot R190V Firmware Cnpilot E410 Firmware Cnpilot R190N Firmware Cnpilot E400 Firmware +1
NVD
CVSS 3.0
8.8
EPSS
66.3%
Threat
5.3
EPSS 0% CVSS 8.0
HIGH This Week

Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack CSRF controls that can mitigate the effects of CSRF attacks, which are most typically implemented as randomized per-session. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

CSRF Cnpilot R190V Firmware Cnpilot E410 Firmware +3
NVD
EPSS 8% CVSS 8.0
HIGH POC This Week

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID reference. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cnpilot R190V Firmware Cnpilot E410 Firmware +3
NVD
EPSS 24% 4.0 CVSS 8.8
HIGH POC THREAT Act Now

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 24.1%.

Path Traversal Cnpilot R190V Firmware Cnpilot E410 Firmware +3
NVD
EPSS 33% 4.3 CVSS 8.8
HIGH POC THREAT Act Now

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user'. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 33.4%.

Information Disclosure Cnpilot R190V Firmware Cnpilot E410 Firmware +3
NVD
EPSS 66% 5.3 CVSS 8.8
HIGH POC THREAT Act Now

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 66.3%.

Information Disclosure Cnpilot R190V Firmware Cnpilot E410 Firmware +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy