Intrusion PreventionDZS.GPON.Remote.Code.Execution
Description
This indicates an attack attempt against a Remote Code Execution vulnerability in DZS GPON ONT.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request.
Outbreak Alert
FortiGuard Labs has observed various router vulnerabilities being exploited in the wild to distribute malware such as MooBot Malware, Lucifer Malware, BotenaGo Botnet, Zerobot Malware, Enemybot Malware.
Affected Products
ZNID-GPON-25xx and certain H640-series ONTs
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are unaware of any vendor supplied patch or updates available for this issue.
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2024-08-15 | 28.846 |
Modified
|
Name:Dasan. GPON. Remote. Code. Execution:DZS. GPON. Remote. Code. Execution |
| 2024-03-06 | 27.744 |
Modified
|
Sig Added |
| 2022-02-01 | 19.251 |
Modified
|
Sig Added |
| 2020-07-09 | 15.882 |
Modified
|
Sig Added |
| 2019-02-11 | 14.548 |
Modified
|
Sig Added |
| 2018-10-04 | 13.464 |
Modified
|
Sig Added |
| ID | 46083 |
| Created | May 24, 2018 |
| Updated | Aug 14, 2024 |
| CVE ID | |
| Tags | Router Malware Attack |
| Risk |
|
| Known Exploited | Yes |
| Exploit Prediction Score | 94.03% |
| Default Action | drop |
| Active | |
| Affected OS | Linux, Other |
| Affected App | Other |
| Profile Type | OS Command Injection |