Vulnerabilities > Cambiumnetworks > Epmp 2000 > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-12-20 CVE-2017-5254 Improper Privilege Management vulnerability in Cambiumnetworks Epmp 1000 Firmware and Epmp 2000 Firmware
In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users 'installer' and 'home' have the capability of changing passwords for other accounts, including admin, after disabling a client-side protection mechanism.
network
low complexity
cambiumnetworks CWE-269
critical
9.0
2017-12-20 CVE-2017-5255 OS Command Injection vulnerability in Cambiumnetworks Epmp 1000 Firmware and Epmp 2000 Firmware
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-characters as part of a specially-crafted POST request to the get_chart function and run OS-level commands, effectively as root.
network
low complexity
cambiumnetworks CWE-78
critical
9.0