diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote malicious users to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dasannetworks h660rm_firmware 1.03-0022 |