Published: 23/11/2022 Updated: 23/11/2022
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

Vulnerability Summary

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an malicious user to upload arbitrary files through " /mgm_dev_upgrade.asp " which can "delete every file for Denial of Service (using 'rm -rf *.*' in the code), reverse connection (using '.asp' webshell), backdoor.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

optilinknetwork op-xt71000n_firmware 3.3.1-191028

Github Repositories

CVE-2020-23591 OPTILINK E-PON "MODEL NO: OP-XT71000N" with "HARDWARE VERSION: V22"; & "FIRMWARE VERSION: OP_V331-191028" Found vulnerability in the "OPTILINK OP-XT71000N Hardware Version: V22 , Firmware Version: OP_V331-191028" which allows an attacker to upload arbitrary file through " /mgm_dev_upgradeasp " which