RCE (Remote Code Execution) vulnerability was found in some Furukawa ONU models, this vulnerability allows remote unauthenticated users to send arbitrary commands to the device via web interface.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| furukawa | ld421-21wv_firmware | * |
| furukawa | ld420-10r_firmware | * |
| furukawa | 423-41w/ac_firmware | * |
| furukawa | ld421-21w_firmware | * |
Furukawa Electric LatAm 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| furukawa | ld421-21wv_firmware | * |
| furukawa | ld420-10r_firmware | * |
| furukawa | 423-41w/ac_firmware | * |
| furukawa | ld421-21w_firmware | * |