9 matches found
Chunghwa Telecom HiNet GPON Arbitrary File Read Vulnerability (CNVD-2019-38472)
Chunghwa Telecom HiNet GPON is an optical modem from Chunghwa Telecom in Taiwan, China. A security vulnerability exists in the Chunghwa Telecom HiNet GPON using firmware prior to I040GWR190731. The vulnerability can be exploited by an attacker to execute commands and read arbitrary files via a...
CVE-2019-13412
A service which is hosted on port 3097 in HiNet GPON firmware I040GWR190731 allows an attacker to execute a specific command to read arbitrary files. CVSS 3.0 Base score 9.3. CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L...
CVE-2019-13412
A service which is hosted on port 3097 in HiNet GPON firmware I040GWR190731 allows an attacker to execute a specific command to read arbitrary files. CVSS 3.0 Base score 9.3. CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L...
Command injection
A service which is hosted on port 3097 in HiNet GPON firmware I040GWR190731 allows an attacker to execute a specific command to read arbitrary files. CVSS 3.0 Base score 9.3. CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L...
CVE-2019-13412
CVE-2019-13412 affects the HiNet GPON firmware (
CVE-2019-13412 A vulnerability was discovered in HiNet GPON firmware < I040GWR190731 that allows an attacker to read arbitrary files
A service which is hosted on port 3097 in HiNet GPON firmware I040GWR190731 allows an attacker to execute a specific command to read arbitrary files. CVSS 3.0 Base score 9.3. CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L...
CVE-2019-13411
An “invalid command” handler issue was discovered in HiNet GPON firmware I040GWR190731. It allows an attacker to execute arbitrary command through port 3097. CVSS 3.0 Base score 10.0. CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H...
Command injection
An “invalid command” handler issue was discovered in HiNet GPON firmware I040GWR190731. It allows an attacker to execute arbitrary command through port 3097. CVSS 3.0 Base score 10.0. CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H...
CVE-2019-13411 A remote command execution vulnerability was discovered in HiNet GPON firmware < I040GWR190731 port 3097
An “invalid command” handler issue was discovered in HiNet GPON firmware I040GWR190731. It allows an attacker to execute arbitrary command through port 3097. CVSS 3.0 Base score 10.0. CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H...