CVE-2017-5259

Publication date

2017-12-20 22:00:00

Family

rapid7

State

PUBLISHED

Description

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https:///adm/syscmd.asp.