PT-2017-3175 · Cambium Networks · Cnpilot R200/201

Published

2017-03-10

Updated

2021-05-11

CVE-2017-5859

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cambium Networks cnPilot R200/201 versions prior to 4.3

Description The issue involves errors in managing RSA keys, which can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of data. It is related to the device's certificate and its RSA keys.

Recommendations For versions prior to 4.3, update to version 4.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-320

Related Identifiers

BDU:2017-02591

CVE-2017-5859

Affected Products

Cnpilot R200/201

PT-2017-3175 · Cambium Networks · Cnpilot R200/201

CVE-2017-5859

Weakness Enumeration

Related Identifiers

Affected Products

References · 4