CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
98.0%
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field.
Vendor | Product | Version | CPE |
---|---|---|---|
gpononu | 1ge_router_wifi_onu_v2801rw | - | cpe:2.3:h:gpononu:1ge_router_wifi_onu_v2801rw:-:*:*:*:*:*:*:* |
gpononu | 1ge_router_wifi_onu_v2801rw_firmware | * | cpe:2.3:o:gpononu:1ge_router_wifi_onu_v2801rw_firmware:*:*:*:*:*:*:*:* |
gpononu | 1ge\+3fe\+wifi_onu_v2804rgw | - | cpe:2.3:h:gpononu:1ge\+3fe\+wifi_onu_v2804rgw:-:*:*:*:*:*:*:* |
gpononu | 1ge\+3fe\+wifi_onu_v2804rgw_firmware | * | cpe:2.3:o:gpononu:1ge\+3fe\+wifi_onu_v2804rgw_firmware:*:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
98.0%