The device has a notable history of firmware-related vulnerabilities that have necessitated updates: Command Injection (CVE-2021-42912)

: This article is for educational purposes only. The author and publisher are not responsible for any damage to hardware, loss of service, or violation of ISP terms of service resulting from the procedures described. Always consult your Internet Service Provider before modifying your ONT firmware.

contained stack-based buffer overflows in the HTTP service, potentially allowing attackers to take control of the device. Cross-Site Scripting (XSS) was flagged for XSS vulnerabilities. 3. Versions and Availability