Unofficial emergency patch for GPON Routers

ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

(1/1)

panzer:
"... A few days ago, we released details of two unpatched critical authentication bypass and root-RCE vulnerabilities we found on very widespread GPON Routers. The vulnerabilities, as we outlined, affects over a million users and is easily accessible through sites like Shodan and ZoomEye.

Shortly after our initial discovery, we contacted the responsible parties. Unfortunately, a patch was not available, and it didn’t seem to be in development either. So, we released the details to inform the affected users of the risks involved in using these modems.

However, we noticed (thanks to 360 Netlab) that attackers began exploiting both these vulnerabilities (CVE-2018-10561 & CVE-2018-10562) to add the affected devices and their networks into their botnets. To prevent more attacks, we took matters into our hands. We are releasing a user-friendly patch below ...":
https://www.vpnmentor.com/tools/gpon-router-antidote-patch/

Navigation

[0] Message Index

Go to full version