E18-5i0y1
CVSS:
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
False Positive:
t
Variants:
1
Year:
2018
Description
An arbitrary file overwrite vulnerability has been identified in Dasan GPON Home Router. The vulnerability is caused by the lack of proper input sanitisation of dest host parameter within the GponForm. The vulnerability can be exploited by sending a specially-crafted POST request, allowing the attacker to execute arbitrary commands on the device with root privileges.
CVE
References
MSB
BID
ExploitDB
Secunia
Security Tracker
Metasploit
ZDI
OSVDB
{}