CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-23591

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an attacker to upload arbitrary files through " /mgm_dev_upgrade.asp " which can "delete every file for Denial of Service (using 'rm -rf *.*' in the code), reverse connection (using '.asp' webshell), backdoor.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.5%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/huzaifahussain98/CVE-2020-23591
https://github.com/huzaifahussain98/CVE-2020-23591

Products affected by CVE-2020-23591

Optilinknetwork » Op-Xt71000n » Version: 2.2

cpe:2.3:h:optilinknetwork:op-xt71000n:2.2
Optilinknetwork » Op-Xt71000n Firmware » Version: 3.3.1-191028

cpe:2.3:o:optilinknetwork:op-xt71000n_firmware:3.3.1-191028

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-23591

Products

Pricing

Contact Us