VYPR
Vendor

V-SOL

Products
4
CVEs
15
Across products
17
Status
Private

Products

4

Recent CVEs

15
  • CVE-2019-25282CriJan 8, 2026
    risk 0.64cvss 9.8epss 0.00

    V-SOL GPON/EPON OLT Platform v2.03 contains an open redirect vulnerability in the script that allows attackers to manipulate the 'parent' GET parameter. Attackers can craft malicious links that redirect logged-in users to arbitrary websites by exploiting improper input…

  • CVE-2019-25237CriDec 24, 2025
    risk 0.64cvss 9.8epss 0.00

    V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal users to gain administrative access by manipulating the user role parameter. Attackers can send a crafted HTTP POST request to the user management endpoint with 'user_role_mod'…

  • CVE-2020-29381CriNov 29, 2020
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. Command injection can occur in "upload tftp syslog" and "upload tftp configuration" in the CLI via a crafted…

  • CVE-2020-29377CriNov 29, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on V-SOL V1600D V2.03.69 OLT devices. The string K0LTdi@gnos312$ is compared to the password provided by the the remote attacker. If it matches, access is provided.

  • CVE-2020-29376CriNov 29, 2020
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. There is an !j@l#y$z%x6x7q8c9z) password for the admin account to authenticate to the TELNET service.

  • CVE-2024-30973HigMay 6, 2024
    risk 0.57cvss 8.8epss 0.01

    An issue in V-SOL G/EPON ONU HG323AC-B with firmware version V2.0.08-210715 allows an attacker to execute arbtirary code and obtain sensitive information via crafted POST request to /boaform/getASPdata/formFirewall, /boaform/getASPdata/formAcc.

  • CVE-2020-29378HigNov 29, 2020
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privilege of a CLI user (to full administrative access) by using the password…

  • CVE-2020-29375HigNov 29, 2020
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. An low-privileged (non-admin) attacker can use a hardcoded password (4ef9cea10b2362f15ba4558b1d5c081f) to create an…

  • CVE-2020-29383HigNov 29, 2020
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. A hardcoded RSA private key (specific to V1600D4L and V1600D-MINI) is contained in the firmware images.

  • CVE-2020-29382HigNov 29, 2020
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. A hardcoded RSA private key (specific to V1600D, V1600G1, and V1600G2) is contained in the firmware images.

  • CVE-2019-25239HigDec 24, 2025
    risk 0.49cvss 7.5epss 0.00

    V-SOL GPON/EPON OLT Platform 2.03 contains an unauthenticated information disclosure vulnerability that allows attackers to download configuration files via direct object reference. Attackers can retrieve sensitive configuration data by sending HTTP GET requests to the…

  • CVE-2019-25284MedJan 8, 2026
    risk 0.40cvss 6.1epss 0.00

    V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected cross-site scripting vulnerabilities due to improper input sanitization in various script parameters. Attackers can exploit these vulnerabilities by injecting malicious HTML and script code to execute arbitrary…

  • CVE-2020-29380MedNov 29, 2020
    risk 0.38cvss 5.9epss 0.00

    An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. TELNET is offered by default but SSH is not always available. An attacker can intercept passwords sent in cleartext…

  • CVE-2020-29379MedNov 29, 2020
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. During the process of updating the firmware, the update script starts a telnetd -l /bin/sh process that does not require authentication for TELNET access.

  • CVE-2019-25238MedDec 24, 2025
    risk 0.28cvss 4.3epss 0.00

    V-SOL GPON/EPON OLT Platform 2.03 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to create admin users, enable SSH, or modify system settings by tricking…