CVE-2018-10561

CRITICAL KEV RANSOMWARE

Dasan GPON Router Firmware - Authentication Bypass via URL Parameter Injection


Exploitation Summary

CVE-2018-10561 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 31, 2022, with confirmed use in ransomware campaigns. EIP tracks 1 public exploit from researchers including vpnmentor.

AI-analyzed exploit summary: This exploit leverages a command injection vulnerability in the diagnostic ping functionality of certain GPON routers. It sends a crafted payload via curl to execute arbitrary commands on the target device and retrieves the output.

Description

An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.
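As an added defender-side example (not part of this record, the vendor's firmware, or the referenced exploit), the scanner below reads constructed web-server access-log lines and flags requests that carry the `?images` marker described above on otherwise authenticated paths; the sample log lines, IP addresses and the percent-decoding step are assumptions, and the decoding generalizes the check to URL-encoded spellings of the same marker.

```python
import re
from typing import Dict, List
from urllib.parse import unquote

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [04/May/2018:10:00:01 +0000] "GET /menu.html?images/ HTTP/1.1" 200 5120 "-" "curl/7.58.0"
203.0.113.7 - - [04/May/2018:10:00:02 +0000] "POST /GponForm/diag_FORM?images/ HTTP/1.1" 200 310 "-" "curl/7.58.0"
198.51.100.2 - - [04/May/2018:10:00:03 +0000] "GET /images/logo.png HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.2 - - [04/May/2018:10:00:04 +0000] "GET /menu.html HTTP/1.1" 401 0 "-" "Mozilla/5.0"
203.0.113.9 - - [04/May/2018:10:00:05 +0000] "GET /login.html?%69mages/ HTTP/1.1" 200 800 "-" "python-requests/2.18"
"""

# Minimal combined-log parser: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def is_bypass_attempt(target: str) -> bool:
    """True when the query string begins with 'images' (the CVE-2018-10561 marker).

    A path such as /images/logo.png is a normal static asset and is not flagged;
    only a query string of the form '?images...' matches. Percent-decoding is an
    assumption added so that encoded variants of the same marker are also caught.
    """
    _path, sep, query = target.partition("?")
    if not sep:
        return False
    return unquote(query).lower().startswith("images")


def scan_log(text: str) -> List[Dict[str, object]]:
    """Return one record per flagged request; status < 400 means the bypass was served."""
    hits: List[Dict[str, object]] = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m and is_bypass_attempt(m["target"]):
            status = int(m["status"])
            hits.append({"ip": m["ip"], "method": m["method"],
                         "target": m["target"], "status": status,
                         "served": status < 400})
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

A request matching this pattern that the device answered with a 2xx status should be treated as a successful unauthenticated management access, not a probe.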

Exploits (1)

exploitdb · WORKING POC
by vpnmentor · bash · remote · hardware
https://www.exploit-db.com/exploits/44576


Classification: Working PoC (90%)
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: GPON routers (specific models affected by CVE-2018-10562)
Authentication: No auth needed
Prerequisites: Target device must be accessible via HTTP · Diagnostic functionality must be enabled
Analyzed by devstral-2 on Feb 16, 2026

References (4)

Core References
- http://www.securityfocus.com/bid/107053 (Broken Link, Third Party Advisory, VDB Entry; vdb-entry, x_refsource_bid)
- https://www.exploit-db.com/exploits/44576/ (Exploit, Third Party Advisory, VDB Entry; exploit, x_refsource_exploit-db)
- https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/ (Exploit, Technical Description, Third Party Advisory; x_refsource_misc)

Scores

CVSS v3 9.8
EPSS 0.9332
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable yes
Technical Impact total

Details

CISA KEV 2022-03-31
VulnCheck KEV 2018-05-07
InTheWild.io 2018-05-03
ENISA EUVD EUVD-2018-2633
Ransomware Use Confirmed
CWE
CWE-287
Status published
Products (1)
dasannetworks/gpon_router_firmware
Published May 04, 2018
KEV Added Mar 31, 2022
Tracked Since Feb 18, 2026