Lucene search

K

Optilinknetwork Security Vulnerabilities

cve
cve

CVE-2020-23592

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to Reset ONU to Factory Default through ' /mgm_dev_reset.asp.' Resetting to default leads to...

8.8CVSS

8.7AI Score

0.001EPSS

2022-11-23 02:15 AM
17
5
cve
cve

CVE-2020-23585

A remote attacker can conduct a cross-site request forgery (CSRF) attack on OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028. The vulnerability is due to insufficient CSRF protections for the "mgm_config_file.asp" because of which attacker can create a crafted "csrf....

8.8CVSS

8.6AI Score

0.001EPSS

2022-11-23 01:15 AM
15
7
cve
cve

CVE-2020-23591

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an attacker to upload arbitrary files through " /mgm_dev_upgrade.asp " which can "delete every file for Denial of Service (using 'rm -rf .' in the code), reverse connection (using '.asp'...

9.8CVSS

9.3AI Score

0.002EPSS

2022-11-23 02:15 AM
18
5
cve
cve

CVE-2020-23590

A vulnerability in Optilink OP-XT71000N Hardware version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack to change the Password for "WLAN SSID" through...

6.5CVSS

6.6AI Score

0.001EPSS

2022-11-23 02:15 AM
18
6
cve
cve

CVE-2020-23589

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to cause a Denial of Service by Rebooting the router through "...

6.5CVSS

6.5AI Score

0.001EPSS

2022-11-23 02:15 AM
17
7
cve
cve

CVE-2020-23588

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to "Enable or Disable Ports" and to "Change port number" through " /rmtacc.asp...

4.3CVSS

4.8AI Score

0.001EPSS

2022-11-23 02:15 AM
18
6
cve
cve

CVE-2020-23586

A vulnerability found in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to Add Network Traffic Control Type...

4.3CVSS

4.8AI Score

0.001EPSS

2022-11-23 02:15 AM
18
7
cve
cve

CVE-2020-23583

OPTILINK OP-XT71000N V2.2 is vulnerable to Remote Code Execution. The issue occurs when the attacker sends an arbitrary code on "/diag_ping_admin.asp" to "PingTest" interface that leads to COMMAND EXECUTION. An attacker can successfully trigger the COMMAND and can compromise full...

9.8CVSS

9.6AI Score

0.003EPSS

2022-11-23 01:15 AM
17
7
cve
cve

CVE-2020-23587

A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to men in the middle attack by adding New Routes in RoutingConfiguration on " /routing.asp.....

3.1CVSS

4.3AI Score

0.001EPSS

2022-11-23 02:15 AM
23
7
cve
cve

CVE-2020-23584

Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diag_tracert_admin.asp " in the "PingTest" parameter that leads to command...

9.8CVSS

9.9AI Score

0.002EPSS

2022-11-23 02:15 AM
28
7
cve
cve

CVE-2020-23593

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery (CSRF) attack to enable syslog mode through ' /mgm_log_cfg.asp.' The system starts to log events, 'Remote' mode or...

6.5CVSS

6.6AI Score

0.001EPSS

2022-11-23 01:15 AM
18
4
cve
cve

CVE-2020-23582

A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to create Multiple WLAN...

6.5CVSS

6.5AI Score

0.001EPSS

2022-11-21 09:15 PM
19
11