cambiumnetworks
Networking Infrastructurecommercial
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting cambiumnetworks.
- CVE-2023-6691Code Injection vulnerability in Cambium ePMP Force 300-257.8
- CVE-2022-35908Cambium Enterprise Wi-Fi System Software before 6.4.2 does not sanitize the ping host argument in device-agent.8.8
- CVE-2022-1362Cambium Networks cnMaestro OS Command Injection5.0
- CVE-2022-1361Cambium Networks cnMaestro SQL Injection7.4
- CVE-2022-1360Cambium Networks cnMaestro OS Command Injection8.2
- CVE-2022-1359Cambium Networks cnMaestro Path Traversal5.7
- CVE-2022-1358Cambium Networks cnMaestro SQL Injection5.9
- CVE-2022-1356Cambium Networks cnMaestro use of Potentially Dangerous Function7.1
- CVE-2022-1357Cambium Networks cnMaestro OS Command Injection9.8
- CVE-2020-9022An issue was discovered on Xirrus XR520, XR620, XR2436, and XH2-120 devices. The cgi-bin/ViewPage.cgi user parameter allows XSS.6.1
- CVE-2017-5263Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack CSRF controls that can mitigate the effects of CSRF attacks, which are most typically implemented as randomized per-session tok...8.0
- CVE-2017-5262In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID reference.8.0
- CVE-2017-5261In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the 'ping' and 'traceroute' functions of the web administrative console expose a file path traversal vulnerability, accessible t...8.8
- CVE-2017-5260In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user' ac...8.8
- CVE-2017-5259In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/sy...8.8