Lucene search
IcscertCVE-2023-6691HistoryDec 18, 2023 - 6:15 p.m.
CVE-2023-6691
2023-12-1818:15:08
CWE-94
icscert
web.nvd.nist.gov
28
cve-2023-6691
cambium epmp
force 300-25
code injection
vulnerability
remote code execution
root privileges
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8
Confidence
High
EPSS
0.001
Percentile
25.8%
Cambium ePMP Force 300-25 version 4.7.0.1 is vulnerable to a code injection vulnerability that could allow an attacker to perform remote code execution and gain root privileges.
Affected configurations
Node
cambiumnetworksepmp_force_300-25Match-
cambiumnetworksepmp_force_300-25_firmwareMatch4.7.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cambiumnetworks | epmp_force_300-25 | - | cpe:2.3:h:cambiumnetworks:epmp_force_300-25:-:*:*:*:*:*:*:* |
| cambiumnetworks | epmp_force_300-25_firmware | 4.7.0.1 | cpe:2.3:o:cambiumnetworks:epmp_force_300-25_firmware:4.7.0.1:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "ePMP Force 300-25",
"vendor": "Cambium ",
"versions": [
{
"status": "affected",
"version": "4.7.0.1"
}
]
}
]Related
ics
ics
Cambium ePMP 5GHz Force 300-25 Radio (Update A)
2024-01-09 12:00:00
nvd
nvd
CVE-2023-6691
2023-12-18 18:15:08
cvelist
cvelist
CVE-2023-6691 Code Injection vulnerability in Cambium ePMP Force 300-25
2023-12-18 17:52:12
prion
prion
Code injection
2023-12-18 18:15:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8
Confidence
High
EPSS
0.001
Percentile
25.8%
Related for CVE-2023-6691