CNNVD-202506-3333 Information

CNNVD ID

CNNVD-202506-3333

Related CVE

CVE-2025-34049

• CNNVD Published: 2025-06-26

Description (Chinese)

OptiLink ONT1GEW GPON是美国OptiLink公司的一种光纤网络终端设备。 OptiLink ONT1GEW GPON存在安全漏洞，该漏洞源于对formTracert和formPing端点中参数target_addr的错误操作,导致命令注入攻击。

Description (English)

OptiLink ONT1GEW GPON is a fibre-optic network terminal of OptiLink in the United States. OptiLink ONT1GEW GPON has a security loophole, which stems from an error in the use of the parameter target addr in the endpoints of FormTracert and FormPing, leading to an order of injection into the attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

OptiLink

Published

2025-06-26

Last Modified

2026-02-24

References

https://optilinknetwork.com/ https://www.exploit-db.com/exploits/49955 https://vulncheck.com/advisories/optilink-ont1gew-router-rce https://access.redhat.com/security/cve/cve-2025-34049