An issue exists on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dasannetworks gpon_router_firmware - |