A Remote Code Execute Vulnerability in the modem of the ISP

Today, I want to share with you how I successfully exploit the modem of an ISP in Vietnam. I found the multiple vulnerabilities in the GPON firmware, all of them belong to the web portal of the modem. That means it can only be exploited from a client which joined in LAN or it can be triggered by a CSRF in LAN. Anyway, I don’t wanna magnify this stuff.

Continue reading