Vulnerabilities > Cambiumnetworks > Cnmaestro > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-17 CVE-2022-1358 SQL Injection vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3
The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command.
network
low complexity
cambiumnetworks CWE-89
5.0
5.0
2022-05-17 CVE-2022-1359 Path Traversal vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3
The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route.
network
low complexity
cambiumnetworks CWE-22
5.0
5.0
2022-05-17 CVE-2022-1361 SQL Injection vulnerability in Cambiumnetworks Cnmaestro 2.4.2/3.0.0/3.0.3
The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in an SQL command.
network
low complexity
cambiumnetworks CWE-89
5.0
5.0