Here's the page we think you wanted. See search results instead:

Toggle Menu

Chat Live

Confirm Your Country or Area

Please Confirm

Confirm your country to access relevant pricing, special offers, events, and contact information.

What are you looking for?

M9484C VXG Radar Scene Emulator AresONE-S 400GE Explore products Find a solution Get technical support Take a class Find us at events Premium used equipment KeysightCare Buy online

No product matches found - System Exception

Dasan GPON Home Router GponForm dest_host OS Injection

Strike ID:

E18-5i0y1

CVSS:

9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

False Positive:

Variants:

Year:

2018

Description

An arbitrary file overwrite vulnerability has been identified in Dasan GPON Home Router. The vulnerability is caused by the lack of proper input sanitisation of 'dest_host' parameter within the 'GponForm'. The vulnerability can be exploited by sending a specially-crafted POST request, allowing the attacker to execute arbitrary commands on the device with root privileges.

CVE

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10562

References

https://medium.com/@ahmedjouini99/vermelho-red-new-variant-of-the-mirai-botnet-exploits-9-vulnerabilities-240d05bb0891

Welcome

What are you looking for?

Dasan GPON Home Router GponForm dest_host OS Injection

Description

CVE

References