CVE-2018-10561
Description
An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.
In plain language
AI Act nowThis flaw lets anyone remotely bypass the login on certain Dasan GPON home routers and take control, so a typical small business running these routers should treat it as an urgent, serious risk.
CVE-2018-10561 is a remote authentication bypass in Dasan GPON home router firmware where appending "?images" to authentication-required URLs allows unauthenticated attackers to access and manage the device; it is listed in CISA KEV and was added with a remediation due date in April 2022.
What to do now
- Check whether your business uses a Dasan GPON home router (look for the Dasan brand/model on the router label, asset list, or ISP paperwork).
- If you have any Dasan GPON home routers still in service, treat them as exposed and disconnect them from the network until you can replace them.
- Replace the Dasan GPON home router with supported equipment provided by your ISP (or another vendor) and confirm you can log in normally.
- If replacing immediately isn’t possible, restrict access so the router is not reachable from the internet (e.g., ensure it is not port-forwarded and is behind a properly configured firewall/VPN).
- Document the change, and keep an eye on device/access logs for unusual requests to URLs that might resemble authenticated pages followed by "?images".
CVSS Vector Breakdown
AV:NAttack VectorAC:LAttack ComplexityPR:NPrivileges RequiredUI:NUser InteractionS:UScopeC:HConfidentialityI:HIntegrityA:HAvailabilityWeaknesses
Affected Products
Exploitability
Required action: The impacted product is end-of-life and should be disconnected if still in use.
Exploit details including PoC links, Metasploit modules, and scanner templates are available after registration.
View exploit detailsAttack Graph
Click technique nodes for MITRE ATT&CK details · drag to pan · Ctrl/⌘ + scroll to zoom, or go fullscreen.
MITRE ATT&CK
2 techniquesReferences
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2018-10561 and every CVE in our database. Create a free account — no credit card required.
Create Free Account