Dasan GPON Devices - Remote Code Execution CVE-2018-10562
- CVSSv3 Score
- Vulnerability description
Dasan GPON home routers are susceptible to command injection which can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
- Risk description
The risk exists that a remote unauthenticated attacker can fully compromise the server to steal confidential information, install ransomware, or pivot to the internal network.
Apply the latest firmware update provided by the vendor to mitigate this vulnerability.
- Not available