CVE-2025-34049

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-34049
An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrary operating system commands, which are executed with root privileges, leading to remote code execution. Successful exploitation enables full compromise of the device. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-13 UTC.
CVSS

No CVSS.

References
Link Resource
https://optilinknetwork.com/
https://vulncheck.com/advisories/optilink-ont1gew-router-rce
https://www.exploit-db.com/exploits/49955
Configurations

No configuration.

History

17 Nov 2025, 22:15

Type Values Removed Values Added
CWE CWE-20
Summary (en) An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrary operating system commands, which are executed with root privileges, leading to remote code execution. Successful exploitation enables full compromise of the device. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC. (en) An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrary operating system commands, which are executed with root privileges, leading to remote code execution. Successful exploitation enables full compromise of the device. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-13 UTC.

17 Nov 2025, 21:15

Type Values Removed Values Added
Summary
  • (es) Existe una vulnerabilidad de inyección de comandos del sistema operativo en el firmware del router OptiLink ONT1GEW GPON, versión V2.1.11_X101, compilación 1127.190306 y anteriores. La interfaz de administración web del router no depura correctamente la entrada del usuario en el parámetro target_addr de los endpoints administrativos formTracert y formPing. Un atacante autenticado puede inyectar comandos arbitrarios del sistema operativo, que se ejecutan con privilegios de root, lo que provoca la ejecución remota de código. Una explotación exitosa permite la vulneración total del dispositivo.
Summary (en) An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrary operating system commands, which are executed with root privileges, leading to remote code execution. Successful exploitation enables full compromise of the device. (en) An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrary operating system commands, which are executed with root privileges, leading to remote code execution. Successful exploitation enables full compromise of the device. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.

26 Jun 2025, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-26 16:15

Updated : 2025-11-17 22:15

NVD link : CVE-2025-34049

Mitre link : CVE-2025-34049

CVE.ORG link : CVE-2025-34049

JSON object : View

Products Affected

No product.

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')