Lucene search

[email protected]CVE-2020-23582

HistoryNov 21, 2022 - 9:15 p.m.

CVE-2020-23582

2022-11-2121:15:09

CWE-352

[email protected]

web.nvd.nist.gov

vulnerability

csrf

optilink

op-xt71000n

v2.2

nvd

cve-2020-23582

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

32.4%

JSON

A vulnerability in the “/admin/wlmultipleap.asp” of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to create Multiple WLAN BSSID.

Affected configurations

NVD

Node

optilinknetworkop-xt71000nMatch2.2

AND

optilinknetworkop-xt71000n_firmwareMatch3.3.1-191028

CPENameOperatorVersion
optilinknetwork:op-xt71000n_firmwareoptilinknetwork op-xt71000n firmwareeq3.3.1-191028

CPE	Name	Operator	Version
optilinknetwork:op-xt71000n_firmware	optilinknetwork op-xt71000n firmware	eq	3.3.1-191028

References

github.com/huzaifahussain98/CVE-2020-23582

Social References

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

32.4%

JSON

Related for CVE-2020-23582

nvd1 prion1 cvelist1