CVE-2017-11321

HIGH

Ucopia Wireless Appliance < 5.1.7 - OS Command Injection

Title source: rule
STIX 2.1

Description

The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command.

Exploits (2)

exploitdb WORKING POC
by Sysdream · locallinux
https://www.exploit-db.com/exploits/42937
github WRITEUP 4 stars
by tnpitsecurity · poc
https://github.com/tnpitsecurity/CVEs/tree/master/CVE-2017-11321

References (2)

Scores

CVSS v3 7.2
EPSS 0.1048
EPSS Percentile 93.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (1)
ucopia/wireless_appliance < 5.1.7
Published Oct 03, 2017
Tracked Since Feb 18, 2026