cambium networks

Top products

The 15 most recently published vulnerabilities affecting cambium networks.

• CVE-2022-1362Cambium Networks cnMaestro OS Command Injection5.0May 17, 2022
• CVE-2022-1361Cambium Networks cnMaestro SQL Injection7.4May 17, 2022
• CVE-2022-1360Cambium Networks cnMaestro OS Command Injection8.2May 17, 2022
• CVE-2022-1359Cambium Networks cnMaestro Path Traversal5.7May 17, 2022
• CVE-2022-1358Cambium Networks cnMaestro SQL Injection5.9May 17, 2022
• CVE-2022-1356Cambium Networks cnMaestro use of Potentially Dangerous Function7.1May 17, 2022
• CVE-2022-1357Cambium Networks cnMaestro OS Command Injection9.8May 17, 2022
• CVE-2017-5263Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack CSRF controls that can mitigate the effects of CSRF attacks, which are most typically implemented as randomized per-session tok...8.0Dec 20, 2017
• CVE-2017-5262In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID reference.8.0Dec 20, 2017
• CVE-2017-5261In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible t...8.8Dec 20, 2017
• CVE-2017-5260In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user' ac...8.8Dec 20, 2017
• CVE-2017-5259In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/sy...8.8Dec 20, 2017
• CVE-2017-5258In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or can guess the RW community string can provide a URL for a configuration file over SNMP with XSS strings in certa...5.4Dec 20, 2017
• CVE-2017-5257In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows (or guesses) the SNMP read/write (RW) community string can insert XSS strings in certain SNMP OIDs which will execu...5.4Dec 20, 2017
• CVE-2017-5256In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in the web administration console, and t...5.4Dec 20, 2017