topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • May 27, 2018, 12:35 AM
  • Proudly celebrating 13 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Unofficial emergency patch for GPON Routers  (Read 386 times)

panzer

  • Participant
  • Joined in 2008
  • *
  • default avatar
  • Posts: 539
    • View Profile
    • Donate to Member
Unofficial emergency patch for GPON Routers
« on: May 08, 2018, 10:50 AM »
"... A few days ago, we released details of two unpatched critical authentication bypass and root-RCE vulnerabilities we found on very widespread GPON Routers. The vulnerabilities, as we outlined, affects over a million users and is easily accessible through sites like Shodan and ZoomEye.

Shortly after our initial discovery, we contacted the responsible parties. Unfortunately, a patch was not available, and it didn’t seem to be in development either. So, we released the details to inform the affected users of the risks involved in using these modems.

However, we noticed (thanks to 360 Netlab) that attackers began exploiting both these vulnerabilities (CVE-2018-10561 & CVE-2018-10562) to add the affected devices and their networks into their botnets. To prevent more attacks, we took matters into our hands. We are releasing a user-friendly patch below ...":
https://www.vpnmento...uter-antidote-patch/