High severity8.8NVD Advisory· Published Oct 17, 2017· Updated Jun 17, 2026
CVE-2014-9118
CVE-2014-9118
Description
The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:o:dasanzhone:znid_2426a_firmware:-:*:*:*:*:*:*:*
- Range: <S3.0.501
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/133921/Zhone-Insecure-Reference-Password-Disclosure-Command-Injection.htmlnvdExploitThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2015/Oct/57nvdExploitMailing ListThird Party Advisory
- www.exploit-db.com/exploits/38453/nvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/536663/100/0/threadednvd
News mentions
0No linked articles in our index yet.