Cambium ePMP Arbitrary Command Execution

This module exploits an OS Command Injection vulnerability in Cambium ePMP 1000 (<v2.5) device management portal. It requires any one of the following login credentials – admin/admin, installer/installer, home/home – to execute arbitrary system commands.

Leave a Reply

Your email address will not be published. Required fields are marked *