This indicates an attack attempt against a Remote Code Execution vulnerability in Dasan GPON.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request.
FortiGuard Labs has observed various router vulnerabilities being exploited in the wild to distribute malware such as MooBot Malware, Lucifer Malware, BotenaGo Botnet, Zerobot Malware, Enemybot Malware.
ZNID-GPON-25xx and certain H640-series ONTs
Device Compromise: Remote attackers can gain control of vulnerable devices.
Currently no official patch, you can patch it here
|IPS (Regular DB)|
|IPS (Extended DB)|