3.0.3

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

cambiumnetworks

critical

NVD

Published: 2022-05-17

Updated: 2024-11-21

Summary

The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. This lack of validation could allow an attacker to append arbitrary data to the logger command.

Vulnerable Configurations

Part	Description	Count
OS	Cambiumnetworks Cambiumnetworks Cnmaestro 2.4.2 Cambiumnetworks Cnmaestro 3.0.0 Cambiumnetworks Cnmaestro 3.0.3	3

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-04
https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-04