What is CVE-2020-8958?

CVE-2020-8958 is a vulnerability in N/a. Published 2020-07-15.

Is CVE-2020-8958 known to be exploited?

10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-8958

Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Addre…

EPSS: 0.839 (99.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

Asjidkalam/CVE-2020-8958
qurbat/CVE-2020-8958
ARPSyndicate/cvemon
developer3000S/PoC-in-GitHub
hectorgie/PoC-in-GitHub
ker2x/DearDiary
nomi-sec/PoC-in-GitHub
soosmile/POC
yveeranki5566/LogData-Analysis
0xT11/CVE-POC

References

www.gpononu.com/dual-mode-onu/1GE-Router-WiFi-ONU.html (x_refsource_MISC)
www.gpononu.com/gpon-ont/4ge-epon-onu-v2804ew.html (x_refsource_MISC)
github.com/qurbat/gpon (x_refsource_MISC)
www.karansaini.com/os-command-injection-v-sol/ (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-8958?: CVE-2020-8958 is a vulnerability in N/a. Published 2020-07-15.
Is CVE-2020-8958 known to be exploited?: 10 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.