Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In version 3.5 and prior of Cambium Networks ePMP firmware, all authenticated users have the ability to update the Device Name and System Description fields in the web administration console, and those fields are vulnerable to persistent cross-site scripting (XSS) injection.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Cambium Networks ePMP Web administration console 跨站脚本漏洞
Vulnerability Description
Cambium Networks ePMP是美国Cambium Networks公司的一套无线网络接入平台。该平台提供视频监控、Wi-Fi热点和传感器连接等功能。Web administration console是其中的一个管理控制台程序。 使用3.5及之前版本固件的Cambium Networks ePMP中的Web administration console的Device Name和System Description字段存在跨站脚本漏洞。远程攻击者可利用该漏洞获取用户浏览器会话的访问权限,控制设
CVSS Information
N/A
Vulnerability Type
N/A