N/A

Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with SNMP write abilities to execute commands as root on the eNodeB. This issue may affect other AirVelocity and AirSpeed models.

N/A

使用内在危险函数

Airspan AirVelocity 1500 安全漏洞

Airspan AirVelocity 1500是美国Airspan公司的一款革命性的室内高性能小型蜂窝。旨在将公共接入 LTE 网络带入室内空间 Airspan AirVelocity 1500 15.18.00.2511之前的版本存在安全漏洞，该漏洞源于其snmpd服务上启用了NET-SNMP-EXTEND-MIB，使具有SNMP写入能力的攻击者能够以root权限在eNodeB上执行命令。

N/A

N/A