Lucene search

[email protected]CVE-2020-23589

HistoryNov 23, 2022 - 2:15 a.m.

CVE-2020-23589

2022-11-2302:15:09

CWE-352

[email protected]

web.nvd.nist.gov

cve-2020-23589

optilink op-xt71000n

csrf

dos

remote attack

reboot

nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

31.3%

JSON

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to cause a Denial of Service by Rebooting the router through " /mgm_dev_reboot.asp."

Affected configurations

NVD

Node

optilinknetworkop-xt71000n_firmwareMatch3.3.1-191028

AND

optilinknetworkop-xt71000nMatch2.2

CPENameOperatorVersion
optilinknetwork:op-xt71000n_firmwareoptilinknetwork op-xt71000n firmwareeq3.3.1-191028

CPE	Name	Operator	Version
optilinknetwork:op-xt71000n_firmware	optilinknetwork op-xt71000n firmware	eq	3.3.1-191028

References

github.com/huzaifahussain98/CVE-2020-23589

Social References

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

31.3%

JSON

Related for CVE-2020-23589

prion1 cvelist1 nvd1