Vulnerabilities > Cambiumnetworks > Cnmaestro
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-17 | CVE-2022-1356 | Unspecified vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3 cnMaestro is vulnerable to a local privilege escalation. | 7.8 |
| 2022-05-17 | CVE-2022-1357 | Unspecified vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3 The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. | 9.8 |
| 2022-05-17 | CVE-2022-1358 | Unspecified vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3 The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. | 7.5 |
| 2022-05-17 | CVE-2022-1359 | Path Traversal vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3 The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route. | 7.5 |
| 2022-05-17 | CVE-2022-1360 | Unspecified vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3 The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. | 9.8 |
| 2022-05-17 | CVE-2022-1361 | Unspecified vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3 The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command. | 7.5 |
| 2022-05-17 | CVE-2022-1362 | OS Command Injection vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3 The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. | 7.3 |