Ucopia: >> Wireless Appliance Firmware >> 5.0 Security Vulnerabilities
An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-06-29
An issue was discovered in Weblib Ucopia before 6.0.13. OS Command Injection injection can occur, related to chroot.
CVSS Score
9.8
EPSS Score
0.007
Published
2023-06-29
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices before 4.4.20, 5.0.x before 5.0.19, and 5.1.x before 5.1.11 allows authenticated remote attackers to escape the shell and escalate their privileges by uploading a .bashrc file containing the /bin/sh string. In some situations, authentication can be achieved via the bhu85tgb default password for the admin account.
CVSS Score
6.7
EPSS Score
0.005
Published
2018-03-22