CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-18046

Buffer overflow on Dasan GPON ONT WiFi Router H640X 12.02-01121 2.77p1-1124 and 3.03p2-1146 devices allows remote attackers to execute arbitrary code via a long POST request to the login_action function in /cgi-bin/login_action.cgi (aka cgipage.cgi).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.111

EPSS Ranking 93.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://blogs.securiteam.com/index.php/archives/3552
https://pastebin.com/Yxd9S46A
https://twitter.com/ankit_anubhav/status/982261670394249216
https://blogs.securiteam.com/index.php/archives/3552
https://pastebin.com/Yxd9S46A
https://twitter.com/ankit_anubhav/status/982261670394249216

Products affected by CVE-2017-18046

Dasannetworks » H640x » Version: N/A

cpe:2.3:h:dasannetworks:h640x:-
Dasannetworks » H640x Firmware » Version: 12.02-01121

cpe:2.3:o:dasannetworks:h640x_firmware:12.02-01121
Dasannetworks » H640x Firmware » Version: 2.77p1-1124

cpe:2.3:o:dasannetworks:h640x_firmware:2.77p1-1124
Dasannetworks » H640x Firmware » Version: 3.03p2-1146

cpe:2.3:o:dasannetworks:h640x_firmware:3.03p2-1146

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-18046

Products

Pricing

Contact Us