CVE-2025-34049 – OptiLink ONT1GEW Command Injection

June 26, 2025

CVE ID : CVE-2025-34049

Published : June 26, 2025, 4:15 p.m. | 51 minutes ago

Description : An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrary operating system commands, which are executed with root privileges, leading to remote code execution. Successful exploitation enables full compromise of the device.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-36034 – IBM InfoSphere DataStage Flow Designer Information Disclosure

Next Article CVE-2025-34047 – Leadsec SSL VPN Path Traversal Vulnerability

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2025-34049 – OptiLink ONT1GEW Command Injection

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

CVE-2024-13930 – ASPECT DoS Denial of Service

Natasha Lyonne to Direct AI-Powered Sci-Fi Film That Could Redefine Hollywood

CVE-2024-22330 – IBM Security Verify Governance Weak Password Enforcement Vulnerability

Windows 11’s Patch Tuesday update fixes annoying Firewall error log

CVE-2025-53610 – Cisco WebEx Meeting Server Unvalidated Redirect

CVE-2025-7895 – Harry0703 MoneyPrinterTurbo Unrestricted File Upload Vulnerability

CVE-2024-48877 – Microsoft Xls2csv Heap Buffer Overflow Vulnerability

Extreme Mind’s Eye Teleportation Secrets of Srinidhi Ranganathan – India’s Human AI

CVE-2025-34049 – OptiLink ONT1GEW Command Injection

Related Posts