Lucene search
K

33 matches found

RedhatCVE
RedhatCVE
added 2025/08/30 6:21 p.m.5 views

CVE-2025-29525

DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was discovered to contain insecure default credentials in the modem's control panel...

5.3CVSS7.3AI score0.0027EPSS
Exploits0References1
NVD
NVD
added 2025/08/25 3:15 p.m.4 views

CVE-2025-29524

Incorrect access control in the component /cgi-bin/systemdiagnosticmain.asp of DASAN GPON ONU H660WM H660WMR210825 allows attackers to access sensitive information...

6.5CVSS0.00303EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/25 12:0 a.m.2 views

CVE-2025-29525

DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was discovered to contain insecure default credentials in the modem's control panel...

6.8AI score0.0027EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/25 12:0 a.m.2 views

CVE-2025-29524

Incorrect access control in the component /cgi-bin/systemdiagnosticmain.asp of DASAN GPON ONU H660WM H660WMR210825 allows attackers to access sensitive information...

6.3AI score0.00303EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/11/08 2:2 p.m.99 views

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent...

10CVSS10AI score0.99999EPSS
Exploits365
CISA KEV Catalog
CISA KEV Catalog
added 2022/03/31 12:0 a.m.44 views

Dasan GPON Routers Authentication Bypass Vulnerability

Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution...

9.8CVSS6.3AI score0.9995EPSS
In wildExploits10
CISA KEV Catalog
CISA KEV Catalog
added 2022/03/31 12:0 a.m.44 views

Dasan GPON Routers Command Injection Vulnerability

Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution...

9.8CVSS6.3AI score0.9995EPSS
In wildExploits10
BDU FSTEC
BDU FSTEC
added 2019/03/29 12:0 a.m.6 views

The vulnerability of the Dasan GPON router’s microprogramming software, related to the lack of measures taken to clean data at the management level, allows attackers to perform arbitrary actions with administrator privileges.

The vulnerability of the microprogramming software of the Dasan GPON router is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor, operating remotely, to perform arbitrary actions with administrator privileges...

10CVSS8.2AI score0.9995EPSS
Exploits7References4
ThreatPost
ThreatPost
added 2018/07/20 8:24 p.m.119 views

D-Link, Dasan Routers Under Attack In Yet Another Assault

Unpatched D-Link and Dasan GPON router vulnerabilities are being targeted by hackers attempting to build a botnet army, according to research published Friday by eSentire Threat Intelligence. Researchers observed on Thursday a massive uptick in exploit attempts from over 3,000 different source IP...

7.5CVSS10AI score0.9995EPSS
Exploits10References10
VulnCheck KEV
VulnCheck KEV
added 2018/06/15 12:0 a.m.4 views

VulnCheck KEV: CVE-2018-10562

Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution...

9.8CVSS7.7AI score0.9995EPSS
Exploits10References1
GithubExploit
GithubExploit
added 2018/05/17 10:3 p.m.23 views

Exploit for OS Command Injection in Dasannetworks Gpon_Router_Firmware

GPON-LOADER Exploit loader for Remote...

9.8CVSS8.2AI score0.9995EPSS
Exploits7
Check Point Advisories
Check Point Advisories
added 2018/05/13 12:0 a.m.18 views

Dasan GPON Router Remote Command Injection (CVE-2018-10562)

A remote command execution vulnerability exists in Dasan GPON routers. A remote attacker could exploit this vulnerability by sending a malicious request to the victim. Successful exploitation of this vulnerability can result in the execution of arbitrary code in the context of the target user...

7.5CVSS6.3AI score0.9995EPSS
Exploits7
Check Point Advisories
Check Point Advisories
added 2018/05/13 12:0 a.m.43 views

Dasan GPON Router Authentication Bypass (CVE-2018-10561)

An authentication bypass vulnerability exists in Dasan GPON routers. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

7.5CVSS5.7AI score0.93316EPSS
Exploits7
The Hacker News
The Hacker News
added 2018/05/08 1:5 p.m.2 views

A Simple Tool Released to Protect Dasan GPON Routers from Remote Hacking

Since hackers have started exploiting two recently disclosed unpatched critical vulnerabilities found in GPON home routers, security researchers have now released an unofficial patch to help millions of affected users left vulnerable by their device manufacturer. Last week, researchers at vpnMent...

9.8CVSS8.4AI score0.9995EPSS
Exploits10
VulnCheck KEV
VulnCheck KEV
added 2018/05/07 12:0 a.m.4 views

VulnCheck KEV: CVE-2018-10561

Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution...

9.8CVSS7.7AI score0.9995EPSS
Exploits10References1
NVD
NVD
added 2018/05/04 3:29 a.m.22 views

CVE-2018-10562

An issue was discovered on Dasan GPON home routers. Command Injection can occur via the desthost parameter in a diagaction=ping request to a GponForm/diagForm URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to...

9.8CVSS10AI score0.9995EPSS
Exploits7References4
Prion
Prion
added 2018/05/04 3:29 a.m.45 views

Authentication flaw

An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diagFORM?images/ URI. One can then manage the device...

7.5CVSS9.7AI score0.93316EPSS
Exploits7References3
Prion
Prion
added 2018/05/04 3:29 a.m.32 views

Command injection

An issue was discovered on Dasan GPON home routers. Command Injection can occur via the desthost parameter in a diagaction=ping request to a GponForm/diagForm URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to...

7.5CVSS9.9AI score0.9995EPSS
Exploits7References3
NVD
NVD
added 2018/05/04 3:29 a.m.31 views

CVE-2018-10561

An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diagFORM?images/ URI. One can then manage the device...

9.8CVSS9.6AI score0.93316EPSS
Exploits7References4
Vulnrichment
Vulnrichment
added 2018/05/04 3:0 a.m.11 views

CVE-2018-10562

An issue was discovered on Dasan GPON home routers. Command Injection can occur via the desthost parameter in a diagaction=ping request to a GponForm/diagForm URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to...

8AI score0.9995EPSS
Exploits7References3
Rows per page
Query Builder