PT-2017-16427 · Cambium Networks · Cnpilot

Karn Ganeshen · Published 2017-12-20 · Updated 2025-09-15 · CVE-2017-5259

CVSS v2.0: 9.0
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions:

Cambium Networks cnPilot firmware versions 4.3.2-R4 and prior

Description:

The firmware contains an undocumented administration web shell that runs with root privileges. It is accessible via the HTTP path "https://<device-ip-or-hostname>/adm/syscmd.asp".

Recommendations:

For versions 4.3.2-R4 and prior, consider restricting access to the "/adm/syscmd.asp" endpoint until a patch is available. As a temporary workaround, limit exposure by disabling remote access to the administration interface if possible. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Cleartext Transmission of Sensitive Information

Weakness Enumeration

Related Identifiers

CVE-2017-5259

Affected Products

Cnpilot