Back to search
CVE-2020-8958
Published: Jul 15, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.gpononu.com/dual-mode-onu/1GE-Router-WiFi-ONU.html
x_refsource_MISC
https://www.gpononu.com/gpon-ont/4ge-epon-onu-v2804ew.html
x_refsource_MISC
https://github.com/qurbat/gpon
x_refsource_MISC
https://www.karansaini.com/os-command-injection-v-sol/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now