Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Usdk | Realtek | 1.0 (including) | 1.0 (including) |
Usdk | Realtek | 2.0 (including) | 2.0 (including) |
Usdk | Realtek | 2.2 (including) | 2.2 (including) |
Xpon_software_development_kit | Realtek | 1.9 (including) | 1.9 (including) |
Xpon_software_development_kit | Realtek | 3.3 (including) | 3.3 (including) |
Xpon_software_development_kit | Realtek | 4.0 (including) | 4.0 (including) |
Xpon_software_development_kit | Realtek | 4.1 (including) | 4.1 (including) |