← Back

CVE-2017-5262

nvd nist
Published: Dec 20, 2017Modified: May 13, 2026

JSON object

Loading...
8.0
Vector
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.1 / Impact: 5.9
Source: NVD

Description

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive information by OID reference.

Affected (5)

Cambiumnetworks
5 products
Cnpilot R190v Firmware
Cnpilot E410 Firmware
Cnpilot R190n Firmware
Cnpilot E400 Firmware
Cnpilot E600 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cnpilot R190v Firmware
Up to 4.3.2-r4
Running on/withPlatform Versions
Cambiumnetworks
Cnpilot R190v
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cnpilot E410 Firmware
Up to 4.3.2-r4
Running on/withPlatform Versions
Cambiumnetworks
Cnpilot E410
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cnpilot R190n Firmware
Up to 4.3.2-r4
Running on/withPlatform Versions
Cambiumnetworks
Cnpilot R190n
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cnpilot E400 Firmware
Up to 4.3.2-r4
Running on/withPlatform Versions
Cambiumnetworks
Cnpilot E400
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cnpilot E600 Firmware
Up to 4.3.2-r4
Running on/withPlatform Versions
Cambiumnetworks
Cnpilot E600
All versions

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

Source: cve@rapid7.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.