Vulnerabilities > Optilinknetwork > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-23 | CVE-2020-23586 | Cross-Site Request Forgery (CSRF) vulnerability in Optilinknetwork Op-Xt71000N Firmware 3.3.1191028 A vulnerability found in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to Add Network Traffic Control Type Rule. | 4.3 |
| 2022-11-23 | CVE-2020-23588 | Cross-Site Request Forgery (CSRF) vulnerability in Optilinknetwork Op-Xt71000N Firmware 3.3.1191028 A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to "Enable or Disable Ports" and to "Change port number" through " /rmtacc.asp ". | 4.3 |
| 2022-11-23 | CVE-2020-23589 | Cross-Site Request Forgery (CSRF) vulnerability in Optilinknetwork Op-Xt71000N Firmware 3.3.1191028 A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to cause a Denial of Service by Rebooting the router through " /mgm_dev_reboot.asp." | 6.5 |
| 2022-11-23 | CVE-2020-23590 | Cross-Site Request Forgery (CSRF) vulnerability in Optilinknetwork Op-Xt71000N Firmware 3.3.1191028 A vulnerability in Optilink OP-XT71000N Hardware version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack to change the Password for "WLAN SSID" through "wlwpa.asp". | 6.5 |
| 2022-11-23 | CVE-2020-23593 | Cross-Site Request Forgery (CSRF) vulnerability in Optilinknetwork Op-Xt71000N Firmware 3.3.1191028 A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery (CSRF) attack to enable syslog mode through ' /mgm_log_cfg.asp.' The system starts to log events, 'Remote' mode or 'Both' mode on "Syslog -- Configuration page" logs events and sends to remote syslog server IP and Port. | 6.5 |
| 2022-11-21 | CVE-2020-23582 | Cross-Site Request Forgery (CSRF) vulnerability in Optilinknetwork Op-Xt71000N Firmware 3.3.1191028 A vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to create Multiple WLAN BSSID. | 6.5 |