PT-2024-32099 · Syrotech · Sy-Gopon-8Olt-L3

Jackalkarlos

Published

2024-10-03

Updated

2024-10-08

CVE-2024-46658

CVSS v3.1

8.0

High

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Syrotech SY-GOPON-8OLT-L3 version 1.6.0 240629

Description The issue is an authenticated command injection vulnerability. This means that an attacker who has valid credentials can potentially inject commands into the system, allowing them to execute arbitrary commands.

Recommendations For Syrotech SY-GOPON-8OLT-L3 version 1.6.0 240629, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2024-46658

Affected Products

Sy-Gopon-8Olt-L3

PT-2024-32099 · Syrotech · Sy-Gopon-8Olt-L3

CVE-2024-46658

Weakness Enumeration

Related Identifiers

Affected Products

References · 10