CVE-2018-10562 Scanner
Detects 'Command Injection' vulnerability in GPON Home Routers affects v. Unknown.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Time Interval
816 sec
Scan only one
Domain, Ipv4
Toolbox
-
GPON Home Routers are used as a home networking device that enables internet access across various devices. These routers use Gigabit Passive Optical Network (GPON) technology to provide users with a high-speed internet connection. The GPON Home Routers software is designed to make the digital experience at home more seamless and efficient. It provides features such as Wi-Fi connectivity, port forwarding, firewall protections, and parental controls. With the increased dependency on the internet, GPON Home Routers have become an essential aspect of modern-day living.
CVE-2018-10562 is a vulnerability discovered in the Dasan GPON Home Routers. The issue is caused by command injection, which can occur when a ping request is made with a specific parameter to the GponForm/diag_Form URI. The dest_host parameter can be exploited to execute arbitrary commands on the router, leading to unauthorized access to the device. The vulnerability allows an attacker to gain access to crucial information, including usernames and passwords, network configurations, and other sensitive data.
Exploiting the vulnerability above can have devastating consequences. Once an attacker gains access to the GPON Home Router, they can launch other more advanced attacks on other connected devices. An attacker can use this vulnerability to install malware or spyware, steal personal data, make unauthorized transactions, and launch DDoS attacks. This vulnerability poses a security threat to both individuals and businesses, making it essential to keep devices updated with the latest security patches and protocols.
At s4e.io, we understand the importance of protecting your digital assets from cyber threats. Our platform offers features that enable individuals, businesses, and organizations to identify and mitigate vulnerabilities in their digital infrastructure. With our pro features, you can easily and quickly learn about vulnerabilities, assess their impact and take appropriate actions. We believe that everyone deserves to be safe in an increasingly interconnected world, and we are committed to delivering on our promise of S4E.
REFERENCES