exploitDog

GHSA-pvcw-q9rv-w4v9

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https:///adm/syscmd.asp.

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https:///adm/syscmd.asp.

Ссылки

EPSS

Процентиль: 98%

0.59538

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-319

CWE-489

Связанные уязвимости

CVE-2017-5259

CVSS3: 8.8

nvd

около 8 лет назад

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/syscmd.asp.

EPSS

Процентиль: 98%

0.59538

Средний

8.8 High

CVSS3

CVE ID

Дефекты

CWE-319

CWE-489