CVE-2018-10562 - Dasan GPON Routers Command Injection Vulnerability
Project:Dasan
Product:Gigabit Passive Optical Network (GPON) Routers
Date Added:2022-03-31Due Date:2022-04-21
Vulnerability Name
Dasan GPON Routers Command Injection Vulnerability
Description
Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution.
Known To Be Used in Ransomware Campaigns?
Known
Action
The impacted product is end-of-life and should be disconnected if still in use.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-10562
Related News Articles
New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS AttacksJanuary 30, 2025
New Aquabotv3 botnet malware targets Mitel command injection flawJanuary 30, 2025
AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud ServicesNovember 8, 2024