CVE-2025-63409

Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials...

CVE-2025-63409

Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials...

CVE-2025-63409

Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials...

CVE-2025-71056

Improper session management in GCOM EPON 1GE ONU version C00R371V00B01 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user...

CVE-2025-63409

Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials...

CVE-2025-63409

Privilege escalation and improper access control in GCOM EPON 1GE C00R371V00B01 allows remote authenticated users to modify administrator only settings and extract administrator credentials...

CVE-2025-71056

Improper session management in GCOM EPON 1GE ONU version C00R371V00B01 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user...

PT-2026-21553

Name of the Vulnerable Software and Affected Versions GCOM EPON 1GE ONU version C00R371V00B01 Description The software suffers from improper session management, which enables attackers to hijack user sessions. This is achieved by spoofing the IP address of an authenticated user. Recommendations...

CVE-2025-71056

Improper session management in GCOM EPON 1GE ONU version C00R371V00B01 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user...

CVE-2025-71056

Improper session management in GCOM EPON 1GE ONU version C00R371V00B01 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user...

CVE-2019-25284

V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-site scripting vulnerabilities due to improper input sanitization in various script parameters. Attackers can exploit these vulnerabilities by injecting malicious HTML and script code to execute arbitrary scripts in a victim's...

CVE-2019-25284 V-SOL GPON/EPON OLT Platform V2.03.62R_IPv6 v2.03 Reflected Cross-Site Scripting Vulnerability

V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-site scripting vulnerabilities due to improper input sanitization in various script parameters. Attackers can exploit these vulnerabilities by injecting malicious HTML and script code to execute arbitrary scripts in a victim's...

CVE-2019-25282 V-SOL GPON/EPON OLT Platform V2.03.62R_IPv6 v2.03 Open Redirect via bindProfile.html

V-SOL GPON/EPON OLT Platform v2.03 contains an open redirect vulnerability in the script that allows attackers to manipulate the 'parent' GET parameter. Attackers can craft malicious links that redirect logged-in users to arbitrary websites by exploiting improper input validation in the redirect...

EUVD-2025-206085

ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows limited administrative users to elevate access by sending requests to configuration endpoints. Attackers can exploit the vulnerability by accessing the configuration backup or password page to disclos...

CVE-2021-47741

ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows limited administrative users to elevate access by sending requests to configuration endpoints. Attackers can exploit the vulnerability by accessing the configuration backup or password page to disclos...

CVE-2021-47741

The CVE-2021-47741 entry concerns the ZBL EPON ONU Broadband Router V100R001. The vulnerability is a privilege-escalation issue that allows limited administrative users to elevate access by calling configuration endpoints. Exploitation is described as possible through access to the configuration ...

CVE-2019-25237

V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal users to gain administrative access by manipulating the user role parameter. Attackers can send a crafted HTTP POST request to the user management endpoint with 'userrolemod' set to integer value '...

CVE-2019-25239

CVE-2019-25239 affects V-SOL GPON/EPON OLT Platform 2.03. An unauthenticated information disclosure allows downloading sensitive configuration data by requesting the usrcfg.conf endpoint via HTTP GET, potentially enabling authentication bypass and system access. This is supported by multiple sour...

CVE-2019-25238

The provided connected documents confirm CVE-2019-25238 concerns V-SOL GPON/EPON OLT Platform 2.03 and describe a cross-site request forgery (CSRF) vulnerability. Exploitation involves convincing authenticated administrators to load a malicious page, enabling attackers to perform actions such as ...

V-SOL GPON/EPON OLT Platform 安全漏洞

V-SOL GPON/EPON OLT Platform is an optical line terminal management platform from China Sentry V-SOL. A security vulnerability exists in V-SOL GPON/EPON OLT Platform version v2.03, which originates from improper manipulation of user role parameters and may result in elevated privileges...