Cambiumnetworks Epmp_1000
5 CVEs affecting Cambiumnetworks Epmp_1000. Latest disclosed: 2017-12-20. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-5255 | High | 8.8 | 2017-12-20 | In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenti… |
CVE-2017-5254 | High | 8.8 | 2017-12-20 | In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for o… |
CVE-2017-5258 | Medium | 5.4 | 2017-12-20 | In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows or can guess the RW community string can provide a URL for a configuration fi… |
CVE-2017-5257 | Medium | 5.4 | 2017-12-20 | In version 3.5 and prior of Cambium Networks ePMP firmware, an attacker who knows (or guesses) the SNMP read/write (RW) community string can insert XSS strings… |
CVE-2017-5256 | Medium | 5.4 | 2017-12-20 | In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in… |