Vulnerability CVE-2020-23584


Published: 2022-11-23

Description:
Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diag_tracert_admin.asp " in the "PingTest" parameter that leads to command execution.

 References:
https://github.com/huzaifahussain98/CVE-2020-23584

Copyright 2022, cxsecurity.com

 

Back to Top