Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 23/11/2022 Updated: 23/11/2022

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diag_tracert_admin.asp " in the "PingTest" parameter that leads to command execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
optilinknetwork op-xt71000n_firmware 3.3.1-191028

REMOTE CODE EXECUTION

CVE-2020-23584 OPTILINK E-PON "MODEL NO: OP-XT71000N" with "HARDWARE VERSION: V22"; & "FIRMWARE VERSION: OP_V331-191028" Unauthenticated remote code execution on "OPTILINK OP-XT71000N, Hardware Version: V22" The issue occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands

CWE-77 https://github.com/huzaifahussain98/CVE-2020-23584 https://nvd.nist.gov https://github.com/huzaifahussain98/CVE-2020-23584

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-23584

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect