CVE-2019-3921

HIGH

Nokia I-240W-Q GPON ONT Firmware 3FE54567BOZJ19 - Authenticated Stack-based Buffer Overflow via HTTP POST Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-3921. PoCs published by Artem Metla.

AI-analyzed exploit summary This exploit targets CVE-2019-3921, a buffer overflow vulnerability in GPON ONT devices, leading to remote code execution (RCE) via a crafted payload in the 'usb_Form' endpoint. It leverages shellcode to spawn a TFTP service on UDP port 69.

Description

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potentially execute arbitrary code.

Exploits (1)

exploitdb WORKING POC
by Artem Metla · pythonremotehardware
https://www.exploit-db.com/exploits/46469

This exploit targets CVE-2019-3921, a buffer overflow vulnerability in GPON ONT devices, leading to remote code execution (RCE) via a crafted payload in the 'usb_Form' endpoint. It leverages shellcode to spawn a TFTP service on UDP port 69.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: GPON ONT devices (specific versions not specified)
Auth required
Prerequisites: Authenticated access to the target device · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2019-09
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/46469/

Scores

CVSS v3 8.8
EPSS 0.1789
EPSS Percentile 96.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-121 CWE-787
Status published
Products (1)
nokia/i-240w-q_gpon_ont_firmware 3fe54567bozj19
Published Mar 05, 2019
Tracked Since Feb 18, 2026