A couple of vulnerabilities affecting over one million GPON routers were disclosed recently. One of them was an Authentication Bypass vulnerability (CVE-2018-10561) and other one was a Command Injection vulnerability (CVE-2018-10562). An attacker can chain these vulnerabilities to execute arbitrary code on the targeted devices. A security researcher published his findings along with POC on … Continue reading “GPON Home Routers Multiple Security Vulnerabilities”