CVE-2024-30973

2024-05-0622:15:08

[email protected]

web.nvd.nist.gov

v-sol

epon

hg323ac-b

firmware

code execution

data theft

crafted post request

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

An issue in V-SOL G/EPON ONU HG323AC-B with firmware version V2.0.08-210715 allows an attacker to execute arbtirary code and obtain sensitive information via crafted POST request to /boaform/getASPdata/formFirewall, /boaform/getASPdata/formAcc.

References

github.com/Athos-Zago/CVE-2024-30973/tree/main