Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23584

Nov. 23, 2022, 2:15 a.m. |

National Vulnerability Database nist.gov

Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diag_tracert_admin.asp " in the "PingTest" parameter that leads to command execution.

cve

Senior Cloud Security Engineer

@ HelloFresh | Berlin, Germany

Senior Security Engineer

@ Reverb | Remote, US

I.S. Security Analyst

@ YVFWC | Yakima, WA

Snr Professional Services Consultant - XSIAM

@ Palo Alto Networks | Madrid, Spain

Data Governor and Security Specialist

@ Dynatrace | Milan, Italy

Principal Windows Exploit Security Researcher (Cortex XDR)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

Information System Security Officer (ISSO)

@ SciTec | Boulder, Colorado, United States

Application Security Design Architect

@ Fivesky | Alpharetta, GA

Product Cybersecurity Lead

@ SciTec | Boulder, Colorado, United States

Cybersecurity Consultant

@ Sia Partners | Rotterdam, Netherlands

Senior Cybersecurity Engineer

@ Visa | Austin, TX, United States

Manager Pentest H/F

@ Hifield | Sèvres, France