Submit #501483: FiberHome AN5506-01-A RP2511 Command Injectioninfo

TitelFiberHome AN5506-01-A RP2511 Command Injection
BeschreibungRemote Command Execution (RCE) was identified in the Fiberhome ONU model AN5506-01A. To exploit it, simply navigate to the "Application" section and then to "Diagnosis". In the field for entering a "Destination Address", insert any random host followed by a ; Script: google.com;cat /etc/passwd
Quelle⚠️ http://x.x.x.x/login.html
Benutzer
 Fergod (UID 55882)
Einreichung14.02.2025 22:24 (vor 1 Jahr)
Moderieren23.02.2025 08:14 (8 days later)
StatusAkzeptiert
VulDB Eintrag296606 [FiberHome AN5506-01A ONU GPON RP2511 Diagnosis Destination Address erweiterte Rechte]
Punkte14

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!