VYPR

Epmp 1000 Hotspot Firmware

by Cambiumnetworks

CVEs (7)

  • CVE-2017-5255HigDec 20, 2017
    risk 0.66cvss 8.8epss 0.75

    In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-characters as part of a…

  • CVE-2017-5254HigDec 20, 2017
    risk 0.64cvss 8.8epss 0.54

    In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for other accounts, including admin, after disabling a client-side protection mechanism.

  • CVE-2017-7922HigJun 21, 2017
    risk 0.53cvss 7.6epss 0.10

    An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes.

  • CVE-2017-7918MedJun 21, 2017
    risk 0.48cvss 6.8epss 0.07

    An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has used SNMP configuration export, an attacker is able to remotely trigger device configuration backups using specific MIBs. These backups lack proper access control and may allow…

  • CVE-2017-5258MedDec 20, 2017
    risk 0.35cvss 5.4epss 0.01

    In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or can guess the RW community string can provide a URL for a configuration file over SNMP with XSS strings in certain SNMP OIDs, serve it via HTTP, and the affected device will perform a…

  • CVE-2017-5257MedDec 20, 2017
    risk 0.35cvss 5.4epss 0.01

    In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows (or guesses) the SNMP read/write (RW) community string can insert XSS strings in certain SNMP OIDs which will execute in the context of the currently-logged on user.

  • CVE-2017-5256MedDec 20, 2017
    risk 0.35cvss 5.4epss 0.01

    In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in the web administration console, and those fields are vulnerable to persistent cross-site scripting (XSS) injection.