216.73.216.170

CVE-2019-25237

· Published 24/12/2025 20:15 · Modified 24/12/2025 21:16

Labels: CVE-2019-25237 2025-12-24CVE-2019-25237CWE-863[email protected]

Essential information

Published
24/12/2025 20:15
Modified
24/12/2025 21:16
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal users to gain administrative access by manipulating the user role parameter. Attackers can send a crafted HTTP POST request to the user management endpoint with 'user_role_mod' set to integer value '1' to elevate their privileges.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
v-sol / gpon/epnon olt platform cpe:2.3:a:v-sol:gpon/epnon_olt_platform:2.03:*:*:*:*:*:*:*

References