CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5259

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/syscmd.asp.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.595

EPSS Ranking 98.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

Products affected by CVE-2017-5259

Cambiumnetworks » Cnpilot E400 » Version: N/A

cpe:2.3:h:cambiumnetworks:cnpilot_e400:-
Cambiumnetworks » Cnpilot E410 » Version: N/A

cpe:2.3:h:cambiumnetworks:cnpilot_e410:-
Cambiumnetworks » Cnpilot E600 » Version: N/A

cpe:2.3:h:cambiumnetworks:cnpilot_e600:-
Cambiumnetworks » Cnpilot R190n » Version: N/A

cpe:2.3:h:cambiumnetworks:cnpilot_r190n:-
Cambiumnetworks » Cnpilot R190v » Version: N/A

cpe:2.3:h:cambiumnetworks:cnpilot_r190v:-
Cambiumnetworks » Cnpilot E400 Firmware » Version: N/A

cpe:2.3:o:cambiumnetworks:cnpilot_e400_firmware:-
Cambiumnetworks » Cnpilot E400 Firmware » Version: 4.3.2-r4

cpe:2.3:o:cambiumnetworks:cnpilot_e400_firmware:4.3.2-r4
Cambiumnetworks » Cnpilot E410 Firmware » Version: N/A

cpe:2.3:o:cambiumnetworks:cnpilot_e410_firmware:-
Cambiumnetworks » Cnpilot E410 Firmware » Version: 4.3.2-r4

cpe:2.3:o:cambiumnetworks:cnpilot_e410_firmware:4.3.2-r4
Cambiumnetworks » Cnpilot E600 Firmware » Version: N/A

cpe:2.3:o:cambiumnetworks:cnpilot_e600_firmware:-
Cambiumnetworks » Cnpilot E600 Firmware » Version: 4.3.2-r4

cpe:2.3:o:cambiumnetworks:cnpilot_e600_firmware:4.3.2-r4
Cambiumnetworks » Cnpilot R190n Firmware » Version: N/A

cpe:2.3:o:cambiumnetworks:cnpilot_r190n_firmware:-
Cambiumnetworks » Cnpilot R190n Firmware » Version: 4.3.2-r4

cpe:2.3:o:cambiumnetworks:cnpilot_r190n_firmware:4.3.2-r4
Cambiumnetworks » Cnpilot R190v Firmware » Version: N/A

cpe:2.3:o:cambiumnetworks:cnpilot_r190v_firmware:-
Cambiumnetworks » Cnpilot R190v Firmware » Version: 4.3.2-r4

cpe:2.3:o:cambiumnetworks:cnpilot_r190v_firmware:4.3.2-r4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5259

Products

Pricing

Contact Us