Vulnerabilities

CVE-2019-9974

by Fred · 11/04/2019

diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack.

Date published : 2019-04-11

https://seclists.org/bugtraq/2019/Mar/41

http://packetstormsecurity.com/files/152232/DASAN-H660RM-Information-Disclosure-Hardcoded-Key.html

Similar

Tags: Cybersecurity Alert