CVE-2020-23586: Exploiting the Cross-Site Request Forgery (CSRF) Vulnerability in OPTILINK OP-XT71000N and How to Protect Your System
A vulnerability with the code CVE-2020-23586 was recently discovered in the OPTILINK OP-XT71000N networking device. This security weakness allows an unauthenticated, remote attacker to conduct
CVE-2020-23588: Unauthenticated CSRF Attack in OPTILINK OP-XT71000N Devices, Enabling Port Modification
Description: A vulnerability has been discovered in OPTILINK OP-XT71000N devices, which allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. This
CVE-2020-23590 The Optilink V2.2 and V3.3.1 OP-XT71000N has a CSRF vulnerability that can be exploited to change the password for the WLAN SSID.
Optilink OP-XT71000N V2.2, Firmware Version: OP_V3.3.1-191028 is vulnerable to a cross-site request forgery (CSRF) vulnerability when an unauthenticated user's
CVE-2022-37772 Maarch RM 2.8.3 has an improper restriction of excessive authentication attempts due to excessive verbose responses from the application.
Redirecting users to arbitrary hosts after they have authenticated is dangerous, as this type of attack could be used to serve malicious content or install
CVE-2020-23592 An unauthenticated, remote attacker can conduct a CSRF attack to reset the ONU to factory default.
An attacker can hijack the session of an authenticated user to log-in as a 'root' user and delete files or perform other actions
Episode
00:00:00
00:00:00