Vulnerability Details CVE-2017-5255
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-characters as part of a specially-crafted POST request to the get_chart function and run OS-level commands, effectively as root.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.714
EPSS Ranking 98.6%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2017-5255
-
cpe:2.3:h:cambiumnetworks:epmp_1000:-
-
cpe:2.3:h:cambiumnetworks:epmp_2000:-
-
cpe:2.3:o:cambiumnetworks:epmp_1000_firmware:-
-
cpe:2.3:o:cambiumnetworks:epmp_1000_firmware:3.5
-
cpe:2.3:o:cambiumnetworks:epmp_2000_firmware:-
-
cpe:2.3:o:cambiumnetworks:epmp_2000_firmware:3.5