Vulnerabilities > Nokia > I 240W Q Gpon ONT Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2019-03-05 CVE-2019-3921 Out-of-bounds Write vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usb_Form?script/.
network
low complexity
nokia CWE-787
8.8
2019-03-05 CVE-2019-3920 Command Injection vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to authenticated command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/device_Form?script/.
network
low complexity
nokia CWE-77
8.8
2019-03-05 CVE-2019-3919 Command Injection vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to command injection via crafted HTTP request sent by a remote, authenticated attacker to /GponForm/usb_restore_Form?script/.
network
low complexity
nokia CWE-77
8.8
2019-03-05 CVE-2019-3917 Forced Browsing vulnerability in Nokia I-240W-Q Gpon ONT Firmware 3Fe54567Bozj19
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote, unauthenticated attacker to enable telnetd on the router via a crafted HTTP request.
network
low complexity
nokia CWE-425
7.5