4 matches found
CVE-2020-23584
Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diagtracertadmin.asp " in the "PingTest" parameter that leads to command execution...
CVE-2020-23584
Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diagtracertadmin.asp " in the "PingTest" parameter that leads to command execution...
Remote code execution
Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diagtracertadmin.asp " in the "PingTest" parameter that leads to command execution...
CVE-2020-23584
Summary: CVE-2020-23584 affects the OPTILINK OP-XT71000N (Hardware Version V2.2). An unauthenticated attacker can trigger remote code execution by sending crafted input in the PingTest parameter, exploiting a command-injection flaw via the IP-ADDRESS field using the pipe character (" | ") to targ...