Insufficient Filtering in Realtek GPON Router Allows Command Injection Attacks

Insufficient Filtering in Realtek GPON Router Allows Command Injection Attacks

CVE-2022-40740 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service.

Learn more about our Web Application Penetration Testing UK.