CVE-2017-11321

HIGH

UCOPIA Wireless Appliance < 5.1.8 - Authenticated Privilege Escalation via Less Command Shell Metacharacter Injection

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-11321. PoCs published by Sysdream, tnpitsecurity.

AI-analyzed exploit summary This exploit leverages the `less` command in the restricted shell of UCOPIA Wireless Appliance to escape to an unrestricted shell as the admin user. The vulnerability arises from improper sanitization of system commands, allowing shell command execution via `less`.

Description

The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command.

Exploits (2)

exploitdb WORKING POC

by Sysdream · locallinux

https://www.exploit-db.com/exploits/42937

View Code ZIP pw:eip

This exploit leverages the `less` command in the restricted shell of UCOPIA Wireless Appliance to escape to an unrestricted shell as the admin user. The vulnerability arises from improper sanitization of system commands, allowing shell command execution via `less`.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: UCOPIA Wireless Appliance < 5.1.8

Auth required

Prerequisites: SSH or ShellInTheBox access · admin credentials (admin/bhu85tgb)

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

github WRITEUP 4 stars

by tnpitsecurity · poc

https://github.com/tnpitsecurity/CVEs/tree/master/CVE-2017-11321

View Code ZIP pw:eip

The repository provides a detailed technical analysis of CVE-2017-11321, a restricted shell escape vulnerability in UCOPIA Wireless Appliance versions prior to 5.1.8. It explains how the `less` command can be exploited to escape the restricted shell and gain unrestricted access as the admin user.

Classification

Writeup 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: UCOPIA Wireless Appliance < 5.1.8

Auth required

Prerequisites: SSH or ShellInTheBox access · admin credentials (admin/bhu85tgb)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1078 - Valid Accounts

devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit x_refsource_misc

https://sysdream.com/news/lab/2017-09-29-cve-2017-11321-ucopia-wireless-appliance-5-1-8-restricted-shell-escape/

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/42937/

Scores

CVSS v3 7.2

EPSS 0.0834

EPSS Percentile 94.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-78

Status published

Products (1)

ucopia/wireless_appliance < 5.1.7

Published Oct 03, 2017

Tracked Since Feb 18, 2026