CVE-2019-25284

V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-site scripting vulnerabilities due to improper input sanitization in various script parameters. Attackers can exploit these vulnerabilities by injecting malicious HTML and script code to execute arbitrary scripts in a victim's...

CVE-2019-25284 V-SOL GPON/EPON OLT Platform V2.03.62R_IPv6 v2.03 Reflected Cross-Site Scripting Vulnerability

V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-site scripting vulnerabilities due to improper input sanitization in various script parameters. Attackers can exploit these vulnerabilities by injecting malicious HTML and script code to execute arbitrary scripts in a victim's...

CVE-2019-25237

V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal users to gain administrative access by manipulating the user role parameter. Attackers can send a crafted HTTP POST request to the user management endpoint with 'userrolemod' set to integer value '...

CVE-2019-25239

CVE-2019-25239 affects V-SOL GPON/EPON OLT Platform 2.03. An unauthenticated information disclosure allows downloading sensitive configuration data by requesting the usrcfg.conf endpoint via HTTP GET, potentially enabling authentication bypass and system access. This is supported by multiple sour...

CVE-2019-25238

The provided connected documents confirm CVE-2019-25238 concerns V-SOL GPON/EPON OLT Platform 2.03 and describe a cross-site request forgery (CSRF) vulnerability. Exploitation involves convincing authenticated administrators to load a malicious page, enabling attackers to perform actions such as ...

Huawei-China Telecom GPON/EPON Routing All-in-One Machine Exploits Arbitrary File Download Vulnerability

Founded in 1987, Huawei is a provider of ICT information and communications infrastructure and smart terminals. An arbitrary file download vulnerability exists in the Huawei - China Telecom GPON/EPON Routing All-in-One. An attacker can exploit the vulnerability to obtain sensitive information...

V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery

Exploit Title: V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery Author: LiquidWorm Discovery Date: 2019-09-26 Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Tested on: GoAhead-Webs Advisory ID: ZSL-2019-5536 Advisory URL:...

V-SOL GPON/EPON OLT Platform 2.03 - Remote Privilege Escalation Vulnerability

Exploit for hardware platform in category web applications Exploit Title: V-SOL GPON/EPON OLT Platform 2.03 - Remote Privilege Escalation Author: LiquidWorm Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Tested on: GoAhead-Webs Advisory ID:...

V-SOL GPON/EPON OLT Platform 2.03 Cross Site Scripting

V-SOL GPON/EPON OLT Platform v2.03 Reflected XSS Vulnerability Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Affected version: V2.03.62RIPv6 V2.03.54R V2.03.52R V2.03.49 V2.03.47 V2.03.40 V2.03.26 V2.03.24 V1.8.6 V1.4 Summary: GPON is...

V-SOL GPON/EPON OLT Platform v2.03 Link Manipulation Vulnerability

Summary GPON is currently the leading FTTH standard in broadband access technology being widely deployed by service providers around the world. GPON/EPON OLT products are 1U height 19 inch rack mount products. The features of the OLT are small, convenient, flexible, easy to deploy, high...

V-SOL GPON/EPON OLT Platform 2.03 Link Manipulation

V-SOL GPON/EPON OLT Platform v2.03 Link Manipulation Vulnerability Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Affected version: V2.03.62RIPv6 V2.03.54R V2.03.52R V2.03.49 V2.03.47 V2.03.40 V2.03.26 V2.03.24 V1.8.6 V1.4 Summary: GPON is...