PT-2018-13047 · Ucopia · Ucopia Wireless Appliance

Published: 2018-08-21 · Updated: 2019-10-03 · CVE-2018-15481

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

UCOPIA Wireless Appliance firmware versions 5.1.x before 5.1.13

Description

The issue is caused by improper input sanitization within the restricted administration shell. It allows authenticated remote attackers to escalate their privileges by modifying the SSH configuration file. Specifically, attackers can add a LocalCommand directive to the file in the user home folder, enabling them to escape the shell.

Recommendations

For firmware versions 5.1.x before 5.1.13, update to version 5.1.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the SSH configuration file in the user home folder to prevent unauthorized modifications.
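
An added example, not part of the original advisory or of UCOPIA's code: a small auditor that reports LocalCommand and PermitLocalCommand directives in an OpenSSH client configuration, so an administrator can check per-user files for the modification described above. The sample text, its host names and the command path are constructed, and running it against ~/.ssh/config is an assumption, since the advisory does not name the file.

```python
import re
import sys

# Matches "Keyword value" and "Keyword = value" forms of a directive.
DIRECTIVE = re.compile(r"([A-Za-z]+)(?:\s*=\s*|\s+)(.*)$")

def parse_ssh_config(text):
    """Yield (line_no, scope, keyword, value) for every directive.

    Keywords are case-insensitive and may be separated from the argument
    by whitespace or by a single '='; '#' starts a comment line.
    """
    scope = "(global)"
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = DIRECTIVE.match(line)
        if not m:
            continue
        keyword, value = m.group(1).lower(), m.group(2).strip().strip('"')
        if keyword in ("host", "match"):
            scope = f"{m.group(1)} {value}"  # track the enclosing block
        yield line_no, scope, keyword, value

def audit(text):
    """Return findings: any LocalCommand, and PermitLocalCommand set to yes."""
    findings = []
    for line_no, scope, keyword, value in parse_ssh_config(text):
        if keyword == "localcommand" or (
            keyword == "permitlocalcommand" and value.lower() == "yes"
        ):
            findings.append((line_no, scope, keyword, value))
    return findings

# Constructed sample, not taken from an appliance.
SAMPLE = """\
# per-user client configuration
Host *
    ServerAliveInterval 30
    permitlocalcommand = yes
    LocalCommand /usr/local/bin/example-hook
Host backup
    PermitLocalCommand no
"""

if __name__ == "__main__":
    texts = [open(p).read() for p in sys.argv[1:]] or [SAMPLE]
    for text in texts:
        for finding in audit(text):
            print(*finding)
```

Each finding gives the line number, the enclosing Host or Match block, the lowercased keyword and its value; an empty result means neither directive is present in that file.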

Fix

OS Command Injection

Weakness Enumeration

Related Identifiers

CVE-2018-15481

Affected Products

Ucopia Wireless Appliance