CVE-2019-25282
V-SOL · GPON/EPON OLT Platform
V-SOL GPON/EPON OLT Platform v2.03 is susceptible to an open redirect vulnerability via the 'parent' GET parameter, enabling attackers to redirect authenticated users to arbitrary malicious sites.
Executive summary
An open redirect vulnerability in the V-SOL GPON/EPON OLT Platform allows attackers to perform phishing or redirection attacks against authenticated users.
Vulnerability
This is an open redirect vulnerability located in the platform's script mechanism. It allows an attacker to manipulate the 'parent' GET parameter, requiring the victim to be logged into the platform for the attack to succeed.
Business impact
The exploitation of this vulnerability could lead to successful social engineering and phishing attacks, as users may be directed to malicious infrastructure while appearing to remain on a trusted domain. With a CVSS score of 9.8, the potential for high-impact credential theft or malware delivery is significant, posing a severe risk to organizational network integrity and user security.
Remediation
Immediate Action: Contact the vendor (V-SOL) to obtain the latest firmware or software update that addresses input validation flaws in the redirection script.
Proactive Monitoring: Audit web server access logs for anomalous GET requests containing suspicious 'parent' parameter strings.
Compensating Controls: Implement a Web Application Firewall (WAF) rule to inspect and sanitize the 'parent' parameter or restrict redirection targets to an approved allow-list.
Exploitation status
Public Exploit Available: Not specified
Analyst recommendation
Given the critical nature of this flaw, administrators must prioritize the remediation of the redirection logic. Organizations should ensure that all users are cautioned against clicking suspicious links originating from the OLT management interface until a patch is applied.