115 matches found
PT-2022-8677 · Optilink · Optilink Op-Xt71000N
Name of the Vulnerable Software and Affected Versions: OPTILINK OP-XT71000N version V2.2 Description: The issue occurs due to unauthenticated remote code execution when an attacker passes arbitrary commands with an IP-ADDRESS using " | " to execute commands on "/diag tracert admin.asp" in the...
CVE-2020-23592
Affected : OPTILINK OP-XT71000N, Hardware V2.2; Firmware OP_V3.3.1-191028. Vulnerability : Cross-site request forgery (CSRF) that can be exploited remotely without authentication via the endpoint /mgm_dev_reset.asp . Impact : Resetting the ONU to factory defaults enables privilege escalation by l...
CVE-2020-23583
CVE-2020-23583 affects OPTILINK OP-XT71000N v2.2. A remote code execution vulnerability exists when an attacker sends arbitrary code to the PingTest interface via /diag_ping_admin.asp, leading to full system compromise. Remediation guidance in related documents suggests disabling access to the /d...
CVE-2020-23590
A vulnerability in Optilink OP-XT71000N Hardware version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an unauthenticated remote attacker to conduct a cross-site request forgery CSRF attack to change the Password for "WLAN SSID" through "wlwpa.asp"...
CVE-2020-23593
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery CSRF attack to enable syslog mode through ' /mgmlogcfg.asp.' The system starts to log events, 'Remote' mode or 'Both...
CVE-2020-23582
A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to create Multiple WLAN BSSID...
CVE-2020-23582
A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to create Multiple WLAN BSSID...
Cross site request forgery (csrf)
A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to create Multiple WLAN BSSID...
Optilink Network OP-XT71000N 跨站请求伪造漏洞
Optilink Network OP-XT71000N is a wireless router from Optilink Network India. A security vulnerability exists in Optilink Network OP-XT71000N version V2.2. An attacker could exploit this vulnerability to perform a cross-site request forgery attack...
CVE-2020-23582
CVE-2020-23582 concerns the Optilink OP-XT71000N firmware (version V2.2), where a CSRF vulnerability in the path "/admin/wlmultipleap.asp" allows an unauthenticated, remote attacker to create multiple WLAN BSSID. The available data identifies this as a network-accessible issue with a LOW attack c...
CVE-2020-23582
A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to create Multiple WLAN BSSID...
CVE-2020-23582
A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to create Multiple WLAN BSSID...
OptiLink ONT1GEW GPON 2.1.11_X101 Remote Code Execution
Exploit Title: OptiLink ONT1GEW GPON 2.1.11X101 Build 1127.190306 - Remote Code Execution Authenticated Date: 23/03/2021 Exploit Authors: Developed by SecNigma and Amal. Vendor Homepage: https://optilinknetwork.com/ Version: ONT1GEW V2.1.11X101 Build.1127.190306 Mitigation: Ask the vendor to issu...
OptiLink ONT1GEW GPON 2.1.11_X101 Build 1127.190306 - Remote Code Execution (Authenticated) Exploit
Exploit Title: OptiLink ONT1GEW GPON 2.1.11X101 Build 1127.190306 - Remote Code Execution Authenticated Exploit Authors: Developed by SecNigma and Amal. Vendor Homepage: https://optilinknetwork.com/ Version: ONT1GEW V2.1.11X101 Build.1127.190306 Mitigation: Ask the vendor to issue a router upgrad...
OptiLink ONT1GEW GPON 2.1.11_X101 Build 1127.190306 - Remote Code Execution (Authenticated)
Exploit Title: OptiLink ONT1GEW GPON 2.1.11X101 Build 1127.190306 - Remote Code Execution Authenticated Date: 23/03/2021 Exploit Authors: Developed by SecNigma and Amal. Vendor Homepage: https://optilinknetwork.com/ Version: ONT1GEW V2.1.11X101 Build.1127.190306 Mitigation: Ask the vendor to issu...