Vulnerabilities Affecting Over 1 Million Dasan GPON Routers [source: bleepingcomputer]

by CIRT Team

Two vulnerabilities affecting over one million routers, and disclosed earlier this week, are now under attack by botnet herders, who are trying to gather the vulnerable devices under their control.

Attacks started yesterday, Thursday, May 3, according to Netlab, the network security division of Chinese cyber-security vendor Qihoo 360.

Exploitation of these two flaws started after on Monday, April 30, an anonymous researcher published details of the two vulnerabilities via the VPNMentor blog.

Simple hacks expose Dasan GPON routers

His findings detail two flaws —an authentication bypass (CVE-2018-10561) and a remote code execution vulnerability (CVE-2018-10562).

The most ludicrous of these two flaws is the first, which basically allows anyone to access the router’s internal settings by appending the “?images” string to any URL, effectively giving anyone control over the router’s configuration.

By combining these two issues, the anonymous researcher said he was able to bypass authentication and execute code on vulnerable devices. A video by the VPNMentor crew summarizes the findings.

For more, click here.

CIRT Team

Recommended Posts

Training on cybersecurity awareness for Department of Women Affairs

25 Nov 2023 - Articles, English articles, News, News Clipping, Service

BGD e-GOV CIRT এর আয়োজনে আয়োজনে আর্থিক প্রতিষ্ঠান ও CII সমূহের সাইবার ড্রিল ২০২৩ চূড়ান্ত পর্ব অনুষ্ঠিত

22 Oct 2023 - Articles, Bangla Articles, CIRT In Media, News, News Clipping

WhatsApp down for millions of users globally: App not working for group and individual chats; Twitter gets flooded with memes

25 Oct 2022 - News, News Clipping