Lucene search
K

4 matches found

OSV
OSV
added 2022/11/23 2:15 a.m.3 views

CVE-2020-23584

Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diagtracertadmin.asp " in the "PingTest" parameter that leads to command execution...

9.8CVSS6.5AI score0.41443EPSS
Exploits0References1
NVD
NVD
added 2022/11/23 2:15 a.m.16 views

CVE-2020-23584

Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diagtracertadmin.asp " in the "PingTest" parameter that leads to command execution...

9.8CVSS0.41443EPSS
Exploits0References1
Prion
Prion
added 2022/11/23 2:15 a.m.18 views

Remote code execution

Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diagtracertadmin.asp " in the "PingTest" parameter that leads to command execution...

7.5CVSS9.9AI score0.41443EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/11/23 12:0 a.m.63 views

CVE-2020-23584

Summary: CVE-2020-23584 affects the OPTILINK OP-XT71000N (Hardware Version V2.2). An unauthenticated attacker can trigger remote code execution by sending crafted input in the PingTest parameter, exploiting a command-injection flaw via the IP-ADDRESS field using the pipe character (" | ") to targ...

9.8CVSS9.9AI score0.41443EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder