Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
backupsettings.html in the web administrative portal in Zhone zNID GPON 2426A before S3.0.501 places a session key in a URL, which allows remote attackers to obtain arbitrary user passwords via the sessionKey parameter in a getConfig action to backupsettings.conf.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zhone Technologies zNID GPON 2426A 安全漏洞
Vulnerability Description
Zhone Technologies zNID GPON 2426A是美国Zhone Technologies公司的一款路由器。web administrative portal是其中的一个Web管理员控制台程序。 Zhone Technologies zNID GPON 2426A S3.0.501之前的版本中的Web管理门户网站的backupsettings.html网页存在安全漏洞。远程攻击者可借助‘sessionKey’参数利用该漏洞获取任意的用户密码。
CVSS Information
N/A
Vulnerability Type
N/A