3 matches found
CVE-2018-10562
An issue was discovered on Dasan GPON home routers. Command Injection can occur via the desthost parameter in a diagaction=ping request to a GponForm/diagForm URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to...
PT-2018-2613 · Dasan · Dasan Gpon Routers
Name of the Vulnerable Software and Affected Versions: Dasan GPON Routers affected versions not specified Description: An issue was discovered on Dasan GPON home routers where Command Injection can occur via the dest host parameter in a "diag action=ping" request to a "GponForm/diag Form" URI. Th...
GPon Router Remote Command Execution Vulnerability
Dasan GPON is a home router product from Dasan Korea. A command injection vulnerability exists in the Dasan GPON Home Router that originates when a user revisits the /diag.html page where the router saves the results of the Internet Packet Explorer in /tmp and transmits it to the user. An attacke...