CVE-2024-30973

HIGH

V-SOL G/EPON ONU HG323AC-B V2.0.08-210715 - RCE

Title source: llm

Description

An issue in V-SOL G/EPON ONU HG323AC-B with firmware version V2.0.08-210715 allows an attacker to execute arbtirary code and obtain sensitive information via crafted POST request to /boaform/getASPdata/formFirewall, /boaform/getASPdata/formAcc.

Exploits (1)

nomisec WRITEUP

by Athos-Zago · poc

https://github.com/Athos-Zago/CVE-2024-30973

View Code ZIP pw:eip

References (1)

[Various Sources] https://github.com/Athos-Zago/CVE-2024-30973/tree/main

Scores

CVSS v3 8.8

EPSS 0.0076

EPSS Percentile 73.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-94

Status published

Published May 06, 2024

Tracked Since Feb 18, 2026