Cambiumnetworks Cnmaestro — known CVE vulnerabilities
Every CVE whose affected-product data names Cambiumnetworks Cnmaestro, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2022-1357 — CVSS 9.8 (critical): The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the…
CVE-2022-1360 — CVSS 8.2 (high): The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. This could allow a remote attacker to…
CVE-2022-1361 — CVSS 7.4 (high): The affected On-Premise cnMaestro is vulnerable to a pre-auth data exfiltration through improper neutralization of special elements used in…
CVE-2022-1356 — CVSS 7.1 (high): cnMaestro is vulnerable to a local privilege escalation. By default, a user does not have root privileges. However, a user can run scripts…
CVE-2022-1358 — CVSS 5.9 (medium): The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This…
CVE-2022-1359 — CVSS 5.7 (medium): The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted…
CVE-2022-1362 — CVSS 5.0 (medium): The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An…