CVE-2020-29383

An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. A hardcoded RSA private key specific to V1600D4L and V1600D-MINI is contained in the firmware images...

CVE-2020-29383

An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. A hardcoded RSA private key specific to V1600D4L and V1600D-MINI is contained in the firmware images...

CVE-2020-29383

An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. A hardcoded RSA private key specific to V1600D4L and V1600D-MINI is contained in the firmware images...

Input validation

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. There is an !j@ly$z%x6x7q8c9z password for the admin account to authenticate to the TELNET service...

Hardcoded credentials

An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. A hardcoded RSA private key specific to V1600D4L and V1600D-MINI is contained in the firmware images...

Command injection

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. Command injection can occur in "upload tftp syslog" and "upload tftp configuration" in the CLI via a crafted filename...

CVE-2020-29375

CVE-2020-29375 affects multiple V-SOL OLT devices (V1600D/V2.03.69 and V2.03.57; V1600D4L/V1.01.49; V1600D-MINI/V1.01.48; V1600G1/V2.0.7 and V1.9.7; V1600G2/V1.1.4). The root cause is a hardcoded password (4ef9cea10b2362f15ba4558b1d5c081f) that a low-privileged, non-admin attacker can use to crea...

CVE-2020-29379

An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. During the process of updating the firmware, the update script starts a telnetd -l /bin/sh process that does not require authentication for TELNET access...

CVE-2020-29380

The CVE-2020-29380 affects several V-SOL OLT devices (V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 with versions listed) where TELNET is offered by default and SSH is not consistently available. The root issue is cleartext password transmission enabling interception and a man-in-the-middle attack ...

CVE-2020-29383

An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. A hardcoded RSA private key specific to V1600D4L and V1600D-MINI is contained in the firmware images...

V-SOL Trust Management Issue Vulnerability

V-Solution V1600D is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600D4L is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600D-MINI is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600G1 is a...

V-SOL Authorization Issues Vulnerability

Wisepac V-Solution V1600D4L is a Gpon-enabled terminal device for connecting fiber optic trunk lines from Wisepac China. VIA Communications V-Solution V1600D-MINI is a Gpon-enabled terminal device for connecting fiber optic trunk lines from VIA Communications, China. A security vulnerability exis...

V-SOL Multiple Product Trust Management Issue Vulnerabilities

V-Solution V1600D is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600D4L is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600D-MINI is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600G1 is a...

V-SOL Multiple Product Trust Management Issue Vulnerabilities

V-Solution V1600D is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600D4L is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600D-MINI is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600G1 is a...