CVE-2020-8958 - Vulnerability Details - OpenCVE

Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gpononu	1ge\+3fe\+wifi Onu V2804rgw 1ge\+3fe\+wifi Onu V2804rgw Firmware 1ge Router Wifi Onu V2801rw 1ge Router Wifi Onu V2801rw Firmware

Configuration 1 [-]

AND

cpe:2.3:o:gpononu:1ge_router_wifi_onu_v2801rw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gpononu:1ge_router_wifi_onu_v2801rw:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:gpononu:1ge\+3fe\+wifi_onu_v2804rgw_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:gpononu:1ge\+3fe\+wifi_onu_v2804rgw:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/qurbat/gpon
https://www.gpononu.com/dual-mode-onu/1GE-Router-WiFi-ONU.html
https://www.gpononu.com/gpon-ont/4ge-epon-onu-v2804ew.html
https://www.karansaini.com/os-command-injection-v-sol/

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.85884}`	epss `{'score': 0.86775}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-07-15T20:13:32

Updated: 2024-08-04T10:19:18.184Z

Reserved: 2020-02-12T00:00:00

Link: CVE-2020-8958

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-07-15T21:15:13.660

Modified: 2024-11-21T05:39:44.557

Link: CVE-2020-8958

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-07-15T20:13:32", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.gpononu.com/dual-mode-onu/1GE-Router-WiFi-ONU.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.gpononu.com/gpon-ont/4ge-epon-onu-v2804ew.html"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/qurbat/gpon"}, {"tags": ["x_refsource_MISC"], "url": "https://www.karansaini.com/os-command-injection-v-sol/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-8958", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.gpononu.com/dual-mode-onu/1GE-Router-WiFi-ONU.html", "refsource": "MISC", "url": "https://www.gpononu.com/dual-mode-onu/1GE-Router-WiFi-ONU.html"}, {"name": "https://www.gpononu.com/gpon-ont/4ge-epon-onu-v2804ew.html", "refsource": "MISC", "url": "https://www.gpononu.com/gpon-ont/4ge-epon-onu-v2804ew.html"}, {"name": "https://github.com/qurbat/gpon", "refsource": "MISC", "url": "https://github.com/qurbat/gpon"}, {"name": "https://www.karansaini.com/os-command-injection-v-sol/", "refsource": "MISC", "url": "https://www.karansaini.com/os-command-injection-v-sol/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:19:18.184Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.gpononu.com/dual-mode-onu/1GE-Router-WiFi-ONU.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.gpononu.com/gpon-ont/4ge-epon-onu-v2804ew.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/qurbat/gpon"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.karansaini.com/os-command-injection-v-sol/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-8958", "datePublished": "2020-07-15T20:13:32", "dateReserved": "2020-02-12T00:00:00", "dateUpdated": "2024-08-04T10:19:18.184Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:gpononu:1ge_router_wifi_onu_v2801rw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A9A59CD8-8CD0-4B48-993D-A2260FC1C4BC", "versionEndIncluding": "2.9.0-181024", "versionStartIncluding": "1.9.1-181203", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:gpononu:1ge_router_wifi_onu_v2801rw:-:*:*:*:*:*:*:*", "matchCriteriaId": "29338F08-5677-42AE-A511-762B624D0DB8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:gpononu:1ge\\+3fe\\+wifi_onu_v2804rgw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "95AD21E1-9638-46B8-B707-D3A5D38114CC", "versionEndIncluding": "2.9.0-181024", "versionStartIncluding": "1.9.1-181203", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:gpononu:1ge\\+3fe\\+wifi_onu_v2804rgw:-:*:*:*:*:*:*:*", "matchCriteriaId": "CDE8F449-3781-4437-8FB3-7399A2E0FD17", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field."}, {"lang": "es", "value": "Los dispositivos Guangzhou 1GE ONU V2801RW versiones 1.9.1-181203 hasta 2.9.0-181024 y V2804RGW versiones 1.9.1-181203 hasta 2.9.0-181024, permiten a atacantes remotos ejecutar comandos arbitrarios de Sistema Operativo por medio de metacaracteres de shell en el campo Dest IP Address del archivo boaform/admin/formPing"}], "id": "CVE-2020-8958", "lastModified": "2024-11-21T05:39:44.557", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-07-15T21:15:13.660", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/qurbat/gpon"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.gpononu.com/dual-mode-onu/1GE-Router-WiFi-ONU.html"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.gpononu.com/gpon-ont/4ge-epon-onu-v2804ew.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.karansaini.com/os-command-injection-v-sol/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/qurbat/gpon"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://www.gpononu.com/dual-mode-onu/1GE-Router-WiFi-ONU.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://www.gpononu.com/gpon-ont/4ge-epon-onu-v2804ew.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.karansaini.com/os-command-injection-v-sol/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}