Ucopia

ucopia

9 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Wireless Appliance Firmware

wireless_appliance_firmware

Ucopia Wireless Appliance

ucopia_wireless_appliance

Wireless Appliance

wireless_appliance

Express Wireless Appliance

express_wireless_appliance

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-44720 1Ucopia 1Wireless Appliance Firmware Nov 21, 2024 Jun 29, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in Weblib Ucopia before 6.0.13. OS Command Injection injection can occur, related to chroot.
CVE-2022-44719 1Ucopia 1Wireless Appliance Firmware Nov 21, 2024 Jun 29, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions.
CVE-2020-25036 1Ucopia 1Ucopia Wireless Appliance Nov 21, 2024 Feb 2, 2021 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 UCOPIA Wi-Fi appliances 6.0.5 allow authenticated remote attackers to escape the restricted administration shell CLI, and access a shell with admin user rights, via an unprotected less command.
CVE-2020-25035 1Ucopia 1Express Wireless Appliance Nov 21, 2024 Feb 2, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with root privileges using chroothole_client's PHP call, a related issue to CVE-2017-11322.
CVE-2020-25037 1Ucopia 1Ucopia Wireless Appliance Nov 21, 2024 Feb 2, 2021 N/A· v4 8.2 HIGH· v3 7.2 HIGH· v2 UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with admin user privileges via an escape from a restricted command.
CVE-2018-15481 1Ucopia 1Wireless Appliance Firmware Nov 21, 2024 Aug 21, 2018 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalat...Show more Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges by adding a LocalCommand to the SSH configuration file in the user home folder.Show less
CVE-2017-17743 1Ucopia 1Wireless Appliance Firmware Nov 21, 2024 Mar 22, 2018 N/A· v4 6.7 MEDIUM· v3 6.5 MEDIUM· v2 Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices before 4.4.20, 5.0.x before 5.0.19, and 5.1.x before 5.1.11 allows authenticated remote attackers to escape the...Show more Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices before 4.4.20, 5.0.x before 5.0.19, and 5.1.x before 5.1.11 allows authenticated remote attackers to escape the shell and escalate their privileges by uploading a .bashrc file containing the /bin/sh string. In some situations, authentication can be achieved via the bhu85tgb default password for the admin account.Show less
CVE-2017-11322 1Ucopia 1Ucopia Wireless Appliance May 13, 2026 Oct 3, 2017 N/A· v4 8.2 HIGH· v3 7.2 HIGH· v2 The chroothole_client executable in UCOPIA Wireless Appliance before 5.1.8 allows remote attackers to gain root privileges via a dollar sign ($) metacharacter in the argument to chroothole_client.
CVE-2017-11321 1Ucopia 1Wireless Appliance May 13, 2026 Oct 3, 2017 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command.