April 2, 2017 Karn Ganeshen

Cambium ePMP Arbitrary Command Execution – Metasploit module landed

One more new Metasploit exploit module for Cambium ePMP devices is now available.

This module exploits an OS Command Injection vulnerability in Cambium ePMP 1000 (<v2.5) device management portal. It requires any one of the following login credentials – admin/admin, installer/installer, home/home – to execute arbitrary system commands.

+++++

Cheers~

Tagged:

Leave a Reply

Your email address will not be published. Required fields are marked *