19 matches found
Dasan GPON Routers Command Injection Vulnerability
Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution...
Dasan GPON Routers Authentication Bypass Vulnerability
Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution...
Authorization
diagtool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack...
CVE-2019-9974
CVE-2019-9974 affects DASAN H660RM GPON routers running firmware 1.03-0022. diag_tool.cgi lacks any authorization, enabling remote attackers to spawn ping processes via a GET request to enumerate LAN hosts or cause DoS by memory exhaustion. The lack of auth in diag_get_result.cgi also allows retr...
VulnCheck KEV: CVE-2018-10562
Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution...
Hackers are exploiting a new zero-day flaw in GPON routers
Even after being aware of various active cyber attacks against the GPON Wi-Fi routers, if you haven't yet taken them off the Internet, then be careful—because a new botnet has joined the GPON party, which is exploiting an undisclosed zero-day vulnerability in the wild. Security researchers from...
Exploit for OS Command Injection in Dasannetworks Gpon_Router_Firmware
GPON-LOADER Exploit loader for Remote...
A Simple Tool Released to Protect Dasan GPON Routers from Remote Hacking
Since hackers have started exploiting two recently disclosed unpatched critical vulnerabilities found in GPON home routers, security researchers have now released an unofficial patch to help millions of affected users left vulnerable by their device manufacturer. Last week, researchers at vpnMent...
VulnCheck KEV: CVE-2018-10561
Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution...
CVE-2018-10561
An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diagFORM?images/ URI. One can then manage the device...
CVE-2018-10562
An issue was discovered on Dasan GPON home routers. Command Injection can occur via the desthost parameter in a diagaction=ping request to a GponForm/diagForm URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it’s quite simple to...
PT-2018-2613 · Dasan · Dasan Gpon Routers
Name of the Vulnerable Software and Affected Versions: Dasan GPON Routers affected versions not specified Description: An issue was discovered on Dasan GPON home routers where Command Injection can occur via the dest host parameter in a "diag action=ping" request to a "GponForm/diag Form" URI. Th...
GPON Routers - Authentication Bypass Command Injection
GPON Routers - Authentication Bypass Command Injection !/bin/bash echo "+ Sending the Command… " We send the commands with two modes backtick and semicolon ; because different models trigger on different devices curl -k -d "XWebPageName=diag&diagaction=ping&wanconlist=0&desthost=$2;$2&ipv=0"...
GPON Routers - Authentication Bypass / Command Injection Exploit
Exploit for hardware platform in category remote exploits !/bin/bash echo "+ Sending the Command… " We send the commands with two modes backtick and semicolon ; because different models trigger on different devices curl -k -d "XWebPageName=diag&diagaction=ping&wanconlist=0&desthost=$2;$2&ipv=0"...
GPON Routers - Authentication Bypass / Command Injection
!/bin/bash echo "+ Sending the Command… " We send the commands with two modes backtick and semicolon ; because different models trigger on different devices curl -k -d "XWebPageName=diag&diagaction=ping&wanconlist=0&desthost=$2;$2&ipv=0" $1/GponForm/diagForm?images/ 2/dev/null 1/dev/null echo "+...
GPON Routers Multiple Vulnerabilities
GPON Home Routers are prone to multiple vulnerabilities. Those vulnerabilities where known to be exploited by the Mettle, Muhstik, Mirai, Hajime, and Satori Botnets in 2018. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...
Critical RCE Vulnerability Found in Over a Million GPON Home Routers
Overview: We conducted a comprehensive assessment on a number of GPON home routers. Many routers today use GPON internet, and we found a way to bypass all authentication on the devices CVE-2018-10561. With this authentication bypass, we were also able to unveil another command injection...
Zhone Technologies zNID GPON Information Disclosure Vulnerability
Zhone Technologies zNID GPON 24xx, 24xxA, 42xx, 42xxA, 26xx and 28xx are router products from Zhone Technologies, USA. The Zhone Technologies zNID GPON Web Administrative Portal uses Base64 encoding to store passwords in a backup file, allowing a remote attacker to exploit the vulnerability to...
Huawei HG866 - Authentication Bypass
Huawei HG866 - Authentication Bypass Exploit Title: Huawei HG866 Authentication Bypass Date: Jun 14 2012 Exploit Author: hkm Vendor Homepage: http://www.huawei.com Version: V1R2C01SPC202, R3.2.4.92sbn - R3.4.2.257sbn, 3FE53864AOCB16 Tested on: HG866GTAVER.C, 01, 02 Advisory:...