PT-2019-16772 · Alcatel Lucent · Alcatel Lucent I-240W-Q Gpon Ont

Published

2019-03-05

·

Updated

2020-10-19

·

CVE-2019-3917

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions Alcatel Lucent I-240W-Q GPON ONT version 3FE54567BOZJ19
Description The issue allows a remote, unauthenticated attacker to enable telnetd on the router via a crafted HTTP request.
Recommendations For version 3FE54567BOZJ19, consider disabling the telnetd service until a patch is available to prevent exploitation.

Exploit

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-306CWE-425

Related Identifiers

CVE-2019-3917

Affected Products

Alcatel Lucent I-240W-Q Gpon Ont