CVE-2019-25284 V-SOL GPON/EPON OLT Platform V2.03.62R_IPv6 v2.03 Reflected Cross-Site Scripting Vulnerability

V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-site scripting vulnerabilities due to improper input sanitization in various script parameters. Attackers can exploit these vulnerabilities by injecting malicious HTML and script code to execute arbitrary scripts in a victim's...

CVE-2019-25284

CVE-2019-25284 concerns the V-SOL GPON/EPON OLT Platform. Connected sources confirm multiple reflected cross-site scripting vulnerabilities caused by improper input sanitization in various script parameters. The issues affect V-SOL GPON/EPON OLT Platform version 2.03 (and related entries citing 2...

CVE-2019-25284 V-SOL GPON/EPON OLT Platform V2.03.62R_IPv6 v2.03 Reflected Cross-Site Scripting Vulnerability

V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-site scripting vulnerabilities due to improper input sanitization in various script parameters. Attackers can exploit these vulnerabilities by injecting malicious HTML and script code to execute arbitrary scripts in a victim's...

CVE-2019-25282

Summary of CVE-2019-25282 (V-SOL GPON/EPON OLT Platform) The issue is an open redirect vulnerability in the bindProfile.html script of V-SOL GPON/EPON OLT Platform, affecting versions 2.03 and 2.03.62R IPv6. The root cause is improper validation of the GET parameter named parent , allowing an att...

CVE-2019-25238

V-SOL GPON/EPON OLT Platform 2.03 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to create admin users, enable SSH, or modify system settings by tricking authenticated...

CVE-2019-25239

CVE-2019-25239 affects V-SOL GPON/EPON OLT Platform 2.03. An unauthenticated information disclosure allows downloading sensitive configuration data by requesting the usrcfg.conf endpoint via HTTP GET, potentially enabling authentication bypass and system access. This is supported by multiple sour...

CVE-2019-25237 V-SOL GPON/EPON OLT Platform 2.03 Privilege Escalation via User Role Parameter

V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal users to gain administrative access by manipulating the user role parameter. Attackers can send a crafted HTTP POST request to the user management endpoint with 'userrolemod' set to integer value '...

V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery Author: LiquidWorm Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Tested on: GoAhead-Webs Advisory ID:...

V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery

Exploit Title: V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery Author: LiquidWorm Discovery Date: 2019-09-26 Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Tested on: GoAhead-Webs Advisory ID: ZSL-2019-5536 Advisory URL:...

V-SOL GPON/EPON OLT Platform 2.03 Cross Site Scripting

V-SOL GPON/EPON OLT Platform v2.03 Reflected XSS Vulnerability Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Affected version: V2.03.62RIPv6 V2.03.54R V2.03.52R V2.03.49 V2.03.47 V2.03.40 V2.03.26 V2.03.24 V1.8.6 V1.4 Summary: GPON is...