GPON home routers are affected by critical remote code vulnerabilities

Costea Lestoc By: Costea Lestoc
2 minute read
GPON home routers security issues

Security researchers recently tested a significant number of GPON home routers and unfortunately discovered a critical RCE vulnerability that could allow attackers to take full control over the affected devices. Researchers found that there’s a way to bypass the authentication in order to access the GPON home routers CVE-2018-10561. The flaw was linked by experts with another one CVE-2018-10562, and they were able to execute commands on the routers.

Hackers can take total control over routers

The two weaknesses mentioned above can be chained together in order to allow complete control over the vulnerable router and the network. The first vulnerability CVE-2018-10561 exploits the authentication mechanism of the device, and it can be exploited by attackers to bypass all authentication.

Since the router saves ping results in /tmp and transmits it to the user when the user revisits /diag.html, it’s quite simple to execute commands and retrieve their output with the authentication bypass vulnerability.

You can learn more about the way in which the exploit takes place by reading the security analysis to see all the tech details.


In case you want to be secure while surfing the internet, you will need to get a full-dedicated tool to secure your network.  Install now Cyberghost VPN and secure yourself. It protects your PC from attacks while browsing, masks your IP address and blocks all unwanted access.


Essential recommendations to avoid the exploit

Security researchers recommend the following steps to make sure that you remain safe:

  • Find out if your device is using the GPON network.
  • Remember that GPON devices can be hacked and exploited.
  • Discuss the matter with your ISP in order to see what they can do for you in order to fix the bug.
  • Warn your friends on social media about the serious threat.
  • Use the patch created to fix this problem.

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).

Discussions

Next up

Windows 10 KB4467708, KB4464455 fix black screen and camera issues

Giles Ensor avatar. By: Giles Ensor
3 minute read

In this article, we are going to be talking about two November 2018 Patch Tuesday updates – KB4467708 and KB4464455. Both these updates are quality improvement […]

Continue Reading

Surface Pro 3 gets new security updates, install goes smoothly

Giles Ensor avatar. By: Giles Ensor
2 minute read

After recent bad news stories about updates released by Microsoft for Windows 10, that you can read here and here, it is refreshing to read (or […]

Continue Reading

Best Windows 10 antivirus software to use in 2018

Radu Tyrsina By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading