MidnightBSD

Advisories for dasannetworks

CVE-2017-18046 HIGH

Buffer overflow on Dasan GPON ONT WiFi Router H640X 12.02-01121 2.77p1-1124 and 3.03p2-1146 devices allows remote attackers to execute arbitrary code via a long POST request to the login_action function in /cgi-bin/login_action.cgi (aka cgipage.cgi).

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
dasannetworks h640x_firmware 12.02-01121
dasannetworks h640x_firmware 2.77p1-1124
dasannetworks h640x_firmware 3.03p2-1146
CVE-2018-10561 HIGH

An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
dasannetworks gpon_router_firmware -
CVE-2018-10562 HIGH

An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,CWE-78,

Products Affected

Vendor Product Version
dasannetworks gpon_router_firmware -
CVE-2018-17867 HIGH

The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute arbitrary code via shell metacharacters in the cgi-bin/adv_nat_virsvr.asp Addr parameter (aka the Local IP Address field).

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
dasannetworks h660gw_firmware -
CVE-2019-8950 HIGH

The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028 allows an attacker to login to the admin account via TELNET.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-798,

Products Affected

Vendor Product Version
dasannetworks h665_firmware 1.46p1-0028
CVE-2019-9974 MEDIUM

diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-306,CWE-862,

Products Affected

Vendor Product Version
dasannetworks h660rm_firmware 1.03-0022
CVE-2019-9975 MEDIUM

DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-798,

Products Affected

Vendor Product Version
dasannetworks h660rm_firmware 1.03-0022
CVE-2019-9976 MEDIUM

The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-532,

Products Affected

Vendor Product Version
dasannetworks h660rm_firmware 1.03-0022
CVE-2023-42495

Dasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@cyber.gov.il 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
dasannetworks w-web *
CVE-2025-63206

An authentication bypass issue was discovered in Dasan Switch DS2924 web based interface, firmware versions 1.01.18 and 1.02.00, allowing attackers to gain escalated privileges via storing crafted cookies in the web browser.

Products Affected

Vendor Product Version
dasannetworks ds2924_firmware 1.01.18
dasannetworks ds2924_firmware 1.02.00