CVE-2017-5255
CVE-2017-5255
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-characters as part of a specially-crafted POST request to the get_chart function and run OS-level commands, effectively as root.
Affected products
Cambium Networks · ePMPpublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/43413/unverifiedexploitdbwww.exploit-db.com/exploits/43413unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →