diag_tool.cgi on DASAN H660RM devices with firmware 1.03-0022 allows spawning ping processes without any authorization leading to information disclosure and DoS attacks

[Translate]

diag_tool.cgi on DASAN H660RM devices with firmware 1.03-0022 allows spawning ping processes without any authorization leading to device enumeration on LAN interface and DoS attacks against both device and network.

CWE-862: Missing Authorization weakness in diag_tool.cgi allows remote attacker to spawn ping (and traceroute) processes on affected devices without authorization. Moreover similar bug […]

Boa Webserver on DASAN H660RM devices with firmware 1.03-0022 saves post data, including credentials, to /tmp/boa-temp

[Translate]

Boa Webserver on DASAN H660RM devices with firmware 1.03-0022 (and possibly other) saves post data, including credentials, to /tmp/boa-temp. Moreover this file is not sanitized after request has been processed, which allow retrieval of login credential possible until another POST request is made.

This vulnerability was assigned CVE-2019-9976.

[…]

syslog_tool.cgi on DASAN H660RM devices with firmware 1.03-0022 uses a hard-coded key for logs encryption

[Translate]

DASAN H660RM devices with firmware 1.03-0022 (and possibly other) uses a hard-coded key “dasanektks123” for logs encryption. Data stored using this key can be decrypted by anyone able to access this key.

This vulnerability was assigned CVE-2019-9975.

[…]