Lucene search
K

115 matches found

Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.6 views

PT-2022-8677 · Optilink · Optilink Op-Xt71000N

Name of the Vulnerable Software and Affected Versions: OPTILINK OP-XT71000N version V2.2 Description: The issue occurs due to unauthenticated remote code execution when an attacker passes arbitrary commands with an IP-ADDRESS using " | " to execute commands on "/diag tracert admin.asp" in the...

9.8CVSS8.5AI score0.41443EPSS
Exploits0References6
CVE
CVE
added 2022/11/23 12:0 a.m.67 views

CVE-2020-23592

Affected : OPTILINK OP-XT71000N, Hardware V2.2; Firmware OP_V3.3.1-191028. Vulnerability : Cross-site request forgery (CSRF) that can be exploited remotely without authentication via the endpoint /mgm_dev_reset.asp . Impact : Resetting the ONU to factory defaults enables privilege escalation by l...

8.8CVSS8.7AI score0.00531EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/11/23 12:0 a.m.52 views

CVE-2020-23583

CVE-2020-23583 affects OPTILINK OP-XT71000N v2.2. A remote code execution vulnerability exists when an attacker sends arbitrary code to the PingTest interface via /diag_ping_admin.asp, leading to full system compromise. Remediation guidance in related documents suggests disabling access to the /d...

9.8CVSS9.6AI score0.02088EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/23 12:0 a.m.8 views

CVE-2020-23590

A vulnerability in Optilink OP-XT71000N Hardware version: V2.2 , Firmware Version: OPV3.3.1-191028 allows an unauthenticated remote attacker to conduct a cross-site request forgery CSRF attack to change the Password for "WLAN SSID" through "wlwpa.asp"...

6.6AI score0.00428EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/11/23 12:0 a.m.33 views

CVE-2020-23593

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery CSRF attack to enable syslog mode through ' /mgmlogcfg.asp.' The system starts to log events, 'Remote' mode or 'Both...

6.6AI score0.00435EPSS
Exploits0References1
OSV
OSV
added 2022/11/21 9:15 p.m.7 views

CVE-2020-23582

A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to create Multiple WLAN BSSID...

6.5CVSS5.7AI score0.00428EPSS
Exploits0References1
NVD
NVD
added 2022/11/21 9:15 p.m.23 views

CVE-2020-23582

A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to create Multiple WLAN BSSID...

6.5CVSS0.00428EPSS
Exploits0References1
Prion
Prion
added 2022/11/21 9:15 p.m.14 views

Cross site request forgery (csrf)

A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to create Multiple WLAN BSSID...

4.3CVSS6.6AI score0.00428EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/11/21 12:0 a.m.6 views

Optilink Network OP-XT71000N 跨站请求伪造漏洞

Optilink Network OP-XT71000N is a wireless router from Optilink Network India. A security vulnerability exists in Optilink Network OP-XT71000N version V2.2. An attacker could exploit this vulnerability to perform a cross-site request forgery attack...

6.5CVSS6.4AI score0.00428EPSS
Exploits0References2
CVE
CVE
added 2022/11/21 12:0 a.m.56 views

CVE-2020-23582

CVE-2020-23582 concerns the Optilink OP-XT71000N firmware (version V2.2), where a CSRF vulnerability in the path "/admin/wlmultipleap.asp" allows an unauthenticated, remote attacker to create multiple WLAN BSSID. The available data identifies this as a network-accessible issue with a LOW attack c...

6.5CVSS6.5AI score0.00428EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/11/21 12:0 a.m.29 views

CVE-2020-23582

A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to create Multiple WLAN BSSID...

6.6AI score0.00428EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/21 12:0 a.m.5 views

CVE-2020-23582

A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to create Multiple WLAN BSSID...

6.6AI score0.00428EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2021/06/07 12:0 a.m.211 views

OptiLink ONT1GEW GPON 2.1.11_X101 Remote Code Execution

Exploit Title: OptiLink ONT1GEW GPON 2.1.11X101 Build 1127.190306 - Remote Code Execution Authenticated Date: 23/03/2021 Exploit Authors: Developed by SecNigma and Amal. Vendor Homepage: https://optilinknetwork.com/ Version: ONT1GEW V2.1.11X101 Build.1127.190306 Mitigation: Ask the vendor to issu...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/06/07 12:0 a.m.49 views

OptiLink ONT1GEW GPON 2.1.11_X101 Build 1127.190306 - Remote Code Execution (Authenticated) Exploit

Exploit Title: OptiLink ONT1GEW GPON 2.1.11X101 Build 1127.190306 - Remote Code Execution Authenticated Exploit Authors: Developed by SecNigma and Amal. Vendor Homepage: https://optilinknetwork.com/ Version: ONT1GEW V2.1.11X101 Build.1127.190306 Mitigation: Ask the vendor to issue a router upgrad...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2021/06/07 12:0 a.m.449 views

OptiLink ONT1GEW GPON 2.1.11_X101 Build 1127.190306 - Remote Code Execution (Authenticated)

Exploit Title: OptiLink ONT1GEW GPON 2.1.11X101 Build 1127.190306 - Remote Code Execution Authenticated Date: 23/03/2021 Exploit Authors: Developed by SecNigma and Amal. Vendor Homepage: https://optilinknetwork.com/ Version: ONT1GEW V2.1.11X101 Build.1127.190306 Mitigation: Ask the vendor to issu...

7.4AI score
Exploits0
Rows per page
Query Builder