CVE-2018-10562 PoC — Dasan GPON家庭路由器命令注入漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2018/CVE-2018-10562.yaml

Associated Vulnerability

Title:Dasan GPON家庭路由器命令注入漏洞 (CVE-2018-10562)
Description:Dasan GPON是韩国Dasan公司的一款家用路由器产品。 Dasan GPON家庭路由器中存在命令注入漏洞，该漏洞源于用户再次访问/diag.html页面时路由器将因特网包探索器的结果保存在/tmp中并将它传输给用户。攻击者可通过向GponForm/diag_Form URI发送带有‘dest_host’参数的diag_action=ping请求利用该漏洞执行命令并检索输出。

Description

Dasan GPON home routers are susceptible to command injection which can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.

File Snapshot


 id: CVE-2018-10562

info:
  name: Dasan GPON Devices - Remote Code Execution
  author: gy741
  sever

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!