CVE-2014-9118

HIGH EXPLOITED

Zhone zNID GPON 2426A <S3.0.501 - RCE

Title source: llm

Exploitation Summary

CVE-2014-9118 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Lyon Yang.

AI-analyzed exploit summary: This advisory details multiple vulnerabilities in Zhone ZNID GPON routers, including insecure direct object reference, password disclosure, remote command injection, XSS, and privilege escalation. It provides proof-of-concept steps and affected URLs but does not include executable exploit code.

Description

The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.

Exploits (1)

exploitdb WRITEUP
by Lyon Yang · text · remote · hardware
https://www.exploit-db.com/exploits/38453

Classification

Writeup 100%
Attack Type: Other
Complexity: Moderate
Reliability: Reliable
Target: Zhone ZNID GPON 2426A (and related models) < S3.0.501
Auth required
Prerequisites: Access to the router's web interface · Low-privileged credentials
devstral-2 · analyzed Feb 16, 2026

References (4)

Core 4
Core References
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Oct/57
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/38453/
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/536663/100/0/threaded

Scores

CVSS v3 8.8
EPSS 0.5336
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2022-04-12
CWE CWE-77
Status published
Products (1)
dasanzhone/znid_2426a_firmware
Published Oct 17, 2017
Tracked Since Feb 18, 2026