Critical severity9.8CISA KEVNVD Advisory· Published May 4, 2018· Updated Jun 17, 2026
CVE-2018-10562
CVE-2018-10562
Description
An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
4- www.exploit-db.com/exploits/44576/nvdExploitThird Party AdvisoryVDB Entry
- www.vpnmentor.com/blog/critical-vulnerability-gpon-router/nvdExploitTechnical DescriptionThird Party Advisory
- www.securityfocus.com/bid/107053nvdBroken LinkThird Party AdvisoryVDB Entry
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.