ID:78 - Exploit for Path traversal in cnPilot - CVE-2017-5261
Published: March 18, 2020
Vulnerability identifier: #VU13429
Vulnerability risk: Low
CVE-ID: CVE-2017-5261
CWE-ID: CWE-22
Exploitation vector: Remote access
Vulnerable software:
cnPilot
cnPilot
Link to public exploit:
Vulnerability description
The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information.
The vulnerability exists in the ping and traceroute functions of the web administrative console in Cambium Networks cnPilot due to insufficient sanitization of user-supplied input processed by the Readfile script when a ping or traceroute command is issued. A remote attacker can send a specially crafted request that submits directory traversal characters and gain access to sensitive information, such as the admin password of the device, which could result in a complete system compromise.
Remediation
Update to version 4.3.4-R8.