vpnmentor

2 exploits Active since May 2018
CVE-2018-10561 EXPLOITDB CRITICAL bash WORKING POC
Dasan GPON Router Firmware - Authentication Bypass via URL Parameter Injection
An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.
CVSS 9.8
CVE-2018-10562 EXPLOITDB CRITICAL bash WORKING POC
Dasan GPON Router Firmware - OS Command Injection via diag_action ping dest_host Parameter
An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
CVSS 9.8