Skip to content
This repository has been archived by the owner on Jan 16, 2022. It is now read-only.
/ CVE-2020-8958 Public archive

Proof of concept for arbitrary OS command execution on Guangzhou/V-SOL 1GE ONU devices (CVE-2020-8958)

6 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

qurbat/CVE-2020-8958

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
README.md
README.md
 
 
poc.py
poc.py
 
 

Repository files navigation

A proof of concept for CVE-2020-8958 written in Python. The script will return the contents of /etc/passwd if successful.

CVE-2020-8958

Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field.

Requirements

  • Python 3.X
  • bs4

Usage

python poc.py <IP_ADDR>

About

Proof of concept for arbitrary OS command execution on Guangzhou/V-SOL 1GE ONU devices (CVE-2020-8958)

Topics

gpon

Resources

Readme
Activity

Stars

6 stars

Watchers

1 watching

Forks

2 forks
Report repository

Languages