Page 2 of 6 results (0.004 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/device_Form?script/. Alcatel Lucent I-240W-Q GPON ONT, con firmware en su versión 3FE54567BOZJ19, es vulnerable a una inyección de comandos autenticada mediante una petición HTTP enviada por un atacante autenticado remoto a /GponForm/device_Form?script/. • https://www.tenable.com/security/research/tra-2019-09 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •