RCE in Gx India Earth 1010

CVE-2026-45431

This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecti…

Vulnerability class: Command Injection (OS Command Injection)

Affected products

Gx India Earth 1010 — versions version E1010-1.1ASL
Gx India Earth 2022 — versions version E2022 - 3.1.2A, version E2022 - 3.1.5AV, version E2022 - 1.1ASL

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

vdisclose@cert-in.org.in (third-party-advisory)