cbcvebase.
CVE-2017-5262
published 2017-12-20

CVE-2017-5262: In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID…

PriorityP341high8CVSS 3.0
AVAACLPRLUINSUCHIHAH
EPSS
4.86%
90.9th percentile
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID reference.

Affected

6 ranges
VendorProductVersion rangeFixed in
cambium_networkscnpilot
cambiumnetworkscnpilot_e400_firmware<= 4.3.2-r4
cambiumnetworkscnpilot_e410_firmware<= 4.3.2-r4
cambiumnetworkscnpilot_e600_firmware<= 4.3.2-r4
cambiumnetworkscnpilot_r190n_firmware<= 4.3.2-r4
cambiumnetworkscnpilot_r190v_firmware<= 4.3.2-r4

CVSS provenance

nvdv3.08.0HIGHCVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.7HIGHAV:A/AC:L/Au:S/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.