Multiple Dasan GPON Routers Command Injection and Authentication Bypass Vulnerabilities

Multiple Dasan GPON Routers is prone to an authentication-bypass vulnerability and a command-injection vulnerability.

An attacker can exploit these issues to bypass authentication or execute arbitrary commands in the context of the affected device.


Bugtraq ID: 107053
Class: Unknown
CVE: CVE-2018-10561

Remote: Yes
Local: No
Published: Feb 18 2019 12:00AM
Updated: Feb 18 2019 12:00AM
Credit: None
Vulnerable: Dasan Networks GPON Router 0

Not Vulnerable:


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Related Posts