Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-10562 PoC — Dasan GPON家庭路由器命令注入漏洞

Source
https://github.com/Choudai/GPON-LOADER
Associated Vulnerability
Title:Dasan GPON家庭路由器命令注入漏洞 (CVE-2018-10562)
Description:An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
Description
Exploit loader for Remote Code Execution w/ Payload on GPON Home Gateway devices (CVE-2018-10562) written in Python.
Readme
# GPON-LOADER
Exploit loader for Remote Code Execution w/ Payload on GPON Home Gateway devices (CVE-2018-10562) written in Python.

## Dependencies
`requests`

## Usage
```
python gpon-loader.py <list.txt>
```
File Snapshot

 [4.0K]  /data/pocs/29051d16be7a05ae0f92db31e24a7f0bd563de7e
├── [1003]  gpon-loader.py
└── [ 210]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →