CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5260

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user' account, the configuration file is accessible via direct object reference (DRO) at http://<device-ip-or-hostname>/goform/down_cfg_file by this otherwise low privilege 'user' account.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.334

EPSS Ranking 96.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

Products affected by CVE-2017-5260

Cambiumnetworks » Cnpilot E400 » Version: N/A

cpe:2.3:h:cambiumnetworks:cnpilot_e400:-
Cambiumnetworks » Cnpilot E410 » Version: N/A

cpe:2.3:h:cambiumnetworks:cnpilot_e410:-
Cambiumnetworks » Cnpilot E600 » Version: N/A

cpe:2.3:h:cambiumnetworks:cnpilot_e600:-
Cambiumnetworks » Cnpilot R190n » Version: N/A

cpe:2.3:h:cambiumnetworks:cnpilot_r190n:-
Cambiumnetworks » Cnpilot R190v » Version: N/A

cpe:2.3:h:cambiumnetworks:cnpilot_r190v:-
Cambiumnetworks » Cnpilot E400 Firmware » Version: N/A

cpe:2.3:o:cambiumnetworks:cnpilot_e400_firmware:-
Cambiumnetworks » Cnpilot E400 Firmware » Version: 4.3.2-r4

cpe:2.3:o:cambiumnetworks:cnpilot_e400_firmware:4.3.2-r4
Cambiumnetworks » Cnpilot E410 Firmware » Version: N/A

cpe:2.3:o:cambiumnetworks:cnpilot_e410_firmware:-
Cambiumnetworks » Cnpilot E410 Firmware » Version: 4.3.2-r4

cpe:2.3:o:cambiumnetworks:cnpilot_e410_firmware:4.3.2-r4
Cambiumnetworks » Cnpilot E600 Firmware » Version: N/A

cpe:2.3:o:cambiumnetworks:cnpilot_e600_firmware:-
Cambiumnetworks » Cnpilot E600 Firmware » Version: 4.3.2-r4

cpe:2.3:o:cambiumnetworks:cnpilot_e600_firmware:4.3.2-r4
Cambiumnetworks » Cnpilot R190n Firmware » Version: N/A

cpe:2.3:o:cambiumnetworks:cnpilot_r190n_firmware:-
Cambiumnetworks » Cnpilot R190n Firmware » Version: 4.3.2-r4

cpe:2.3:o:cambiumnetworks:cnpilot_r190n_firmware:4.3.2-r4
Cambiumnetworks » Cnpilot R190v Firmware » Version: N/A

cpe:2.3:o:cambiumnetworks:cnpilot_r190v_firmware:-
Cambiumnetworks » Cnpilot R190v Firmware » Version: 4.3.2-r4

cpe:2.3:o:cambiumnetworks:cnpilot_r190v_firmware:4.3.2-r4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-5260

Products

Pricing

Contact Us