CVE-2020-29382

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. A hardcoded RSA private key specific to V1600D, V1600G1, and V1600G2 is contained in the firmware images...

Input validation

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. There is an !j@ly$z%x6x7q8c9z password for the admin account to authenticate to the TELNET service...

Command injection

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. Command injection can occur in "upload tftp syslog" and "upload tftp configuration" in the CLI via a crafted filename...

Hardcoded credentials

An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. A hardcoded RSA private key specific to V1600D, V1600G1, and V1600G2 is contained in the firmware images...

CVE-2020-29375

CVE-2020-29375 affects multiple V-SOL OLT devices (V1600D/V2.03.69 and V2.03.57; V1600D4L/V1.01.49; V1600D-MINI/V1.01.48; V1600G1/V2.0.7 and V1.9.7; V1600G2/V1.1.4). The root cause is a hardcoded password (4ef9cea10b2362f15ba4558b1d5c081f) that a low-privileged, non-admin attacker can use to crea...

CVE-2020-29380

The CVE-2020-29380 affects several V-SOL OLT devices (V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 with versions listed) where TELNET is offered by default and SSH is not consistently available. The root issue is cleartext password transmission enabling interception and a man-in-the-middle attack ...

V-SOL Trust Management Issue Vulnerability

V-Solution V1600D and so on are the products of VIACOM China.V-Solution V1600D is a terminal device for connecting to fiber optic trunks with Gpon support.V-Solution V1600G1 is a terminal device for connecting to fiber optic trunks with Gpon support.V-Solution V1600G2 is a terminal device for...

V-SOL Multiple Product Trust Management Issue Vulnerabilities

V-Solution V1600D is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600D4L is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600D-MINI is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600G1 is a...

V-SOL Multiple Product Trust Management Issue Vulnerabilities

V-Solution V1600D is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600D4L is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600D-MINI is a Gpon-enabled terminal device for connecting fiber optic trunks.V-Solution V1600G1 is a...