Published: 11/04/2019 Updated: 24/08/2020

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote malicious users to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dasannetworks h660rm_firmware 1.03-0022

DASAN H660RM allows for unauthenticated ping access, has a hardcoded key for encryption, and logs sensitive information into /tmp ...

CWE-306 CWE-862 https://seclists.org/bugtraq/2019/Mar/41 https://blog.burghardt.pl/2019/03/diag_tool-cgi-on-dasan-h660rm-devices-with-firmware-1-03-0022-allows-spawning-ping-processes-without-any-authorization-leading-to-information-disclosure-and-dos-attacks/http://packetstormsecurity.com/files/152232/DASAN-H660RM-Information-Disclosure-Hardcoded-Key.html https://nvd.nist.gov https://packetstormsecurity.com/files/152232/DASAN-H660RM-Information-Disclosure-Hardcoded-Key.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-9974

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect