← back
CVE-2019-3921

CVE-2019-3921

EPSS 18.2%CWE-121
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potentially execute arbitrary code.
Affected products
Tenable · Alcatel Lucent I-240W-Q GPON ONT
public PoCs found2
cve_referencewww.exploit-db.com/exploits/46469/unverifiedexploitdbwww.exploit-db.com/exploits/46469unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/46469/https://www.tenable.com/security/research/tra-2019-09