Calix GigaCenter ONT OS Command Injection Vulnerability

A command injection vulnerability has been identified in the Calix GigaCenter ONT models 844E, 844G, 844GE, and 854GE, all running Quantenna SoC firmware. This vulnerability allows authenticated attackers with 'super' user credentials to execute arbitrary operating system commands via the web interface. The issue arises from inadequate input validation, potentially leading to a complete system compromise.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the affected device, with the potential for full system compromise.

Reproduction

To reproduce this vulnerability, log into the Quantenna web application using 'super' user credentials. Once logged in, navigate to the tools_command.php file, where the command injection vulnerability can be exploited by injecting commands to gain shell access on the router.

Remediation

Calix has released a patch for this vulnerability in version R12.2.13.4, available to authorized users. Users should contact their Broadband Service Provider to request the update.