Cambium ePMP 1000 – Multiple Vulnerabilities

Posted by Karn Ganeshen on Nov 19

*July 14, 2015: *First contacted Cambium

*July 14, 2015: *Initial vendor response

*July 16, 2015: *Vuln Details reported to Cambium

*July 31, 2015:* Followup on advisory and fix timelines

*August 03, 2015: *Vendor gives mid-Aug as fix (v2.5) release
timeline. Ceases communication.

*Nov 19, 2015: *Releasing vulnerability details & poc

*Versions affected*: < v2.5

…..

*CVE-IDs* – To be assigned.

…..

*Background *…

007 Software