Cyber Posture

CVE-2019-25237

CriticalPublic PoC

Published: 24 December 2025

Published
24 December 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0015 35.0th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal users to gain administrative access by manipulating the user role parameter. Attackers can send a crafted HTTP POST request to the user management endpoint with 'user_role_mod' set…

more

to integer value '1' to elevate their privileges.

Mitigating Controls (NIST 800-53 r5)AI

AC-3 Access Enforcement good match
prevent

AC-3 enforces approved authorizations for access to resources, directly preventing unauthorized privilege escalation through manipulated user role parameters in the user management endpoint.

SI-10 Information Input Validation good match
prevent

SI-10 requires validation of information inputs at external interfaces, blocking crafted HTTP POST requests that set the 'user_role_mod' parameter to elevate privileges.

AC-6 Least Privilege good match
prevent

AC-6 mandates least privilege for users and processes, ensuring normal users cannot gain administrative access even if authorization checks fail.

Security SummaryAI

CVE-2019-25237 is a privilege escalation vulnerability in the V-SOL GPON/EPON OLT Platform version 2.03. It allows normal users to gain administrative access by sending a crafted HTTP POST request to the user management endpoint, specifically by setting the 'user_role_mod' parameter to the integer value '1'. The issue stems from improper handling of the user role parameter, classified under CWE-863 (Incorrect Authorization), with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

The vulnerability can be exploited by normal users over the network without requiring special privileges, user interaction, or authentication beyond basic access, due to the PR:N metric. Successful exploitation grants attackers administrative privileges on the affected OLT platform, enabling full control over confidentiality, integrity, and availability of the system, such as modifying configurations, accessing sensitive data, or disrupting network operations in GPON/EPON environments.

Advisories and references include an exploit published on Exploit-DB (https://www.exploit-db.com/exploits/47435), the vendor site (https://www.vsolcn.com), and detailed analysis from Zero Science Labs (https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5538.php), confirming the attack vector but providing no specific patch or mitigation details in the available information.

Details

CWE(s)
CWE-863

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
attack.mitre.org →
Why these techniques?

CVE-2019-25237 is an unauthenticated privilege escalation in a public-facing web application (user management endpoint on GPON/EPON OLT), directly enabling T1190 (Exploit Public-Facing Application) and T1068 (Exploitation for Privilege Escalation) via crafted HTTP POST request manipulating user role.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References