CVE-2024-30973 affects the V-SOL G/EPON ONU HG323AC-B optical network unit running firmware version V2.0.08-210715. The vulnerability arises from improper input validation in the handling of POST requests to the endpoints /boaform/getASPdata/formFirewall and /boaform/getASPdata/formAcc. An attacker with low privileges can craft malicious POST requests that exploit this flaw to execute arbitrary code on the device. This code execution capability allows the attacker to gain unauthorized access to sensitive information stored or processed by the device, as well as potentially disrupt device operation. The root cause is identified as CWE-94, which corresponds to improper control of code generation or execution, commonly known as code injection. The CVSS v3.1 base score is 8.8, reflecting high impact on confidentiality, integrity, and availability, with network attack vector, low attack complexity, and no user interaction required. The vulnerability does not require elevated privileges beyond low-level access, increasing the risk of exploitation in environments where the device is accessible. No patches or official mitigations have been published yet, and no known exploits are currently in the wild. However, given the critical nature of the flaw and the device's role in network infrastructure, timely remediation is essential.

The vulnerability allows attackers to execute arbitrary code remotely on the affected ONU device, leading to full compromise of the device's firmware and configuration. This can result in unauthorized disclosure of sensitive information, including network configuration and potentially user data. Integrity of the device and network traffic can be compromised, enabling attackers to manipulate or disrupt network services. Availability may also be affected if attackers cause device crashes or denial of service. For organizations relying on V-SOL G/EPON ONU HG323AC-B devices in their access networks, this vulnerability poses a significant risk of network infiltration, data breaches, and service outages. The ease of exploitation and high impact on all security properties make this a critical threat to network operators, ISPs, and enterprises using these devices.

1. Immediately restrict network access to the management interfaces of the V-SOL G/EPON ONU HG323AC-B devices to trusted administrators only, using network segmentation and firewall rules. 2. Monitor network traffic for suspicious POST requests targeting /boaform/getASPdata/formFirewall and /boaform/getASPdata/formAcc endpoints, and block or alert on anomalous activity. 3. Disable remote management features if not required to reduce the attack surface. 4. Regularly audit device firmware versions and configurations to identify affected devices. 5. Engage with V-SOL or device vendors for firmware updates or patches addressing this vulnerability. 6. If patches are unavailable, consider deploying compensating controls such as intrusion prevention systems (IPS) with custom signatures to detect exploitation attempts. 7. Implement strict access control policies and multifactor authentication for device management interfaces to limit attacker access. 8. Maintain comprehensive logging and alerting to detect potential exploitation attempts early. 9. Plan for rapid incident response and device replacement if compromise is suspected.