CVE-2017-18046

NONE EPSS 91.4%
Published Jan 21, 2018 (8y ago) · Modified Jun 17, 2026 (2w ago)

Description

Buffer overflow on Dasan GPON ONT WiFi Router H640X 12.02-01121, 2.77p1-1124, and 3.03p2-1146 devices allows remote attackers to execute arbitrary code via a long POST request to the login_action function in /cgi-bin/login_action.cgi (aka cgipage.cgi).

Threat Intelligence

EPSS Exploit Probability
91.4% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer (Memory Safety)

Affected Products 4

Vendor          Product           Version        Range
dasannetworks   h640x_firmware    2.77p1-1124    any
dasannetworks   h640x_firmware    3.03p2-1146    any
dasannetworks   h640x_firmware    12.02-01121    any
dasannetworks   h640x             *              any

References 3

  • blogs.securiteam.com https://blogs.securiteam.com/index.php/archives/3552
    Exploit, Third Party Advisory
  • pastebin.com https://pastebin.com/Yxd9S46A
  • twitter.com https://twitter.com/ankit_anubhav/status/982261670394249216

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.