6.5
CVSSv2

CVE-2019-3921

Published: 05/03/2019 Updated: 13/03/2019
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated malicious user to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potentially execute arbitrary code.

Vulnerability Trend

Affected Products

Vendor Product Versions
NokiaI-240w-q Gpon Ont Firmware3fe54567bozj19

Github Repositories

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :