The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote malicious users to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dasanzhone znid_2426a_firmware - |