Vulnerabilities (CVE)

Filtered by vendor Ucopia Subscribe
Filtered by product Wireless Appliance
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-44720 1 Ucopia 2 Wireless Appliance, Wireless Appliance Firmware 2024-02-04 N/A 9.8 CRITICAL
An issue was discovered in Weblib Ucopia before 6.0.13. OS Command Injection injection can occur, related to chroot.
CVE-2022-44719 1 Ucopia 2 Wireless Appliance, Wireless Appliance Firmware 2024-02-04 N/A 7.5 HIGH
An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions.
CVE-2018-15481 1 Ucopia 2 Wireless Appliance, Wireless Appliance Firmware 2024-02-04 6.5 MEDIUM 8.8 HIGH
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges by adding a LocalCommand to the SSH configuration file in the user home folder.
CVE-2017-17743 1 Ucopia 2 Wireless Appliance, Wireless Appliance Firmware 2024-02-04 6.5 MEDIUM 6.7 MEDIUM
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices before 4.4.20, 5.0.x before 5.0.19, and 5.1.x before 5.1.11 allows authenticated remote attackers to escape the shell and escalate their privileges by uploading a .bashrc file containing the /bin/sh string. In some situations, authentication can be achieved via the bhu85tgb default password for the admin account.
CVE-2017-11321 1 Ucopia 1 Wireless Appliance 2024-02-04 6.5 MEDIUM 7.2 HIGH
The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command.