.. / CVE-2018-10562

Exploit for Dasan GPON Devices - Remote Code Execution (CVE-2018-10562)

Description:

Dasan GPON home routers are susceptible to command injection which can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it’s quite simple to execute commands and retrieve their output.

Nuclei Template

View the template here CVE-2018-10562.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2018/CVE-2018-10562.yaml

References:

https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router
https://github.com/ethicalhackeragnidhra/GPON
https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/
https://github.com/f3d0x0/GPON/blob/master/gpon_rce.py
https://nvd.nist.gov/vuln/detail/CVE-2018-10562

.. / CVE-2018-10562 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Dasan GPON Devices - Remote Code Execution (CVE-2018-10562)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2018-10562