Skip to main content

Epmp 1000 Firmware

7 CVEs product

Monthly

CVE-2017-5258 MEDIUM POC This Month

In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or can guess the RW community string can provide a URL for a configuration file over SNMP with XSS strings in certain. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Epmp 1000 Firmware Epmp 2000 Firmware
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-5257 MEDIUM This Month

In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows (or guesses) the SNMP read/write (RW) community string can insert XSS strings in certain SNMP OIDs which will execute. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Epmp 1000 Firmware Epmp 2000 Firmware
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-5256 MEDIUM This Month

In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in the web administration console, and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Epmp 1000 Firmware Epmp 2000 Firmware
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-5255 HIGH POC THREAT Act Now

In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 71.4%.

Command Injection Epmp 1000 Firmware Epmp 2000 Firmware
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
71.4%
Threat
5.4
CVE-2017-5254 HIGH POC THREAT Act Now

In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for other accounts, including admin, after. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 67.6%.

Authentication Bypass Epmp 1000 Firmware Epmp 2000 Firmware
NVD
CVSS 3.0
8.8
EPSS
67.6%
Threat
5.3
CVE-2017-7922 HIGH POC THREAT Act Now

An Improper Privilege Management issue was discovered in Cambium Networks ePMP. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 38.1%.

Privilege Escalation Epmp 1000 Firmware Epmp Elevate Firmware Epmp 2000 Firmware Epmp 1000 Hotspot Firmware
NVD
CVSS 3.0
7.6
EPSS
38.1%
Threat
4.2
CVE-2017-7918 MEDIUM POC THREAT This Month

An Improper Access Control issue was discovered in Cambium Networks ePMP. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 42.2%.

Authentication Bypass Epmp 1000 Firmware Epmp Elevate Firmware Epmp 2000 Firmware Epmp 1000 Hotspot Firmware
NVD
CVSS 3.0
6.8
EPSS
42.2%
Threat
4.1
EPSS 0% CVSS 5.4
MEDIUM POC This Month

In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or can guess the RW community string can provide a URL for a configuration file over SNMP with XSS strings in certain. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Epmp 1000 Firmware Epmp 2000 Firmware
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows (or guesses) the SNMP read/write (RW) community string can insert XSS strings in certain SNMP OIDs which will execute. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Epmp 1000 Firmware Epmp 2000 Firmware
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in the web administration console, and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Epmp 1000 Firmware Epmp 2000 Firmware
NVD
EPSS 71% 5.4 CVSS 8.8
HIGH POC THREAT Act Now

In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 71.4%.

Command Injection Epmp 1000 Firmware Epmp 2000 Firmware
NVD Exploit-DB
EPSS 68% 5.3 CVSS 8.8
HIGH POC THREAT Act Now

In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for other accounts, including admin, after. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 67.6%.

Authentication Bypass Epmp 1000 Firmware Epmp 2000 Firmware
NVD
EPSS 38% 4.2 CVSS 7.6
HIGH POC THREAT Act Now

An Improper Privilege Management issue was discovered in Cambium Networks ePMP. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 38.1%.

Privilege Escalation Epmp 1000 Firmware Epmp Elevate Firmware +2
NVD
EPSS 42% 4.1 CVSS 6.8
MEDIUM POC THREAT This Month

An Improper Access Control issue was discovered in Cambium Networks ePMP. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 42.2%.

Authentication Bypass Epmp 1000 Firmware Epmp Elevate Firmware +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy