CVE-2017-17743

Name of the Vulnerable Software and Affected Versions: UCOPIA Wireless Appliance devices versions prior to 4.4.20 UCOPIA Wireless Appliance devices versions 5.0.x prior to 5.0.19 UCOPIA Wireless Appliance devices versions 5.1.x prior to 5.1.11

Description: The issue is related to improper input sanitization within the restricted administration shell, allowing authenticated remote attackers to escape the shell and escalate their privileges. This can be achieved by uploading a .bashrc file containing the /bin/sh string. In some cases, authentication can be obtained using the default password bhu85tgb for the admin account.

Recommendations: For versions prior to 4.4.20, update to version 4.4.20 or later. For versions 5.0.x prior to 5.0.19, update to version 5.0.19 or later. For versions 5.1.x prior to 5.1.11, update to version 5.1.11 or later. As a temporary workaround, consider restricting access to the administration shell and changing the default admin password to prevent unauthorized access.