A remote command execution vulnerability was discovered in HiNet GPON firmware < I040GWR190731 port 3097

An “invalid command” handler issue was discovered in HiNet GPON firmware < I040GWR190731. It allows an attacker to execute arbitrary command through port 3097. CVSS 3.0 Base score 10.0. CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

N/A

Chunghwa Telecom HiNet GPON 输入验证错误漏洞

Chunghwa Telecom HiNet GPON是中国台湾中华电信（Chunghwa Telecom）公司的一款光调制解调器。 使用I040GWR190731之前版本固件的Chunghwa Telecom HiNet GPON中存在输入验证错误漏洞。攻击者可借助3097端口利用该漏洞执行任意命令。

N/A

N/A