CVE-2025-34049P1CRITICALCVSS 9.4Exploited≤ V2.1.11_X101 Build 1127.1903062025-06-26
CVE-2025-34049 [CRITICAL] CWE-78 CVE-2025-34049: An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2
An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V2.1.11_X101 Build 1127.190306 and earlier. The router’s web management interface fails to properly sanitize user input in the target_addr parameter of the formTracert and formPing administrative endpoints. An authenticated attacker can inject arbitrar
nvd