Huzaifa Hussain

**Name of the Vulnerable Software and Affected Versions** OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028 **Description** A vulnerability allows an unauthenticated, remote attacker to conduct a cross site request forgery (CSRF) attack to enable syslog mode through "/mgm log cfg.asp". The system starts to log events, 'Remote' mode or 'Both' mode on "Syslog -- Configuration page" logs events and sends to remote syslog server IP and Port. **Recommendations** For OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028, as a temporary workaround, consider disabling access to the "/mgm log cfg.asp" endpoint until a patch is available. Restrict access to the "Syslog -- Configuration page" to minimize the risk of exploitation. Avoid using the 'Remote' mode or 'Both' mode on the "Syslog -- Configuration page" until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028 **Description** A vulnerability allows an attacker to upload arbitrary files through "/mgm dev upgrade.asp" which can delete every file for Denial of Service (using `rm -rf *.*` in the code), establish a reverse connection (using `.asp` webshell), or create a backdoor. **Recommendations** For OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028, consider disabling access to the "/mgm dev upgrade.asp" endpoint until a patch is available to prevent arbitrary file uploads. Restrict the use of the `rm` command and monitor for suspicious `.asp` webshell activity to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028 **Description** A vulnerability allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to reset the ONU to factory default through the API endpoint "/mgm dev reset.asp". Resetting to default leads to escalation of privileges by logging in with default credentials. **Recommendations** For OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028, consider disabling access to the "/mgm dev reset.asp" API endpoint until a patch is available to prevent exploitation. Additionally, changing default credentials after a reset can help mitigate the risk of escalation of privileges. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OPTILINK OP-XT71000N version 2.2 **Description** The issue is related to Remote Code Execution. It occurs when an attacker sends arbitrary code to the "/diag ping admin.asp" API endpoint, specifically to the "PingTest" interface, leading to command execution. This allows an attacker to compromise the full system. **Recommendations** For OPTILINK OP-XT71000N version 2.2, consider disabling access to the "/diag ping admin.asp" API endpoint until a patch is available. Restrict the use of the "PingTest" interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** OPTILINK OP-XT71000N version V2.2 **Description** The issue occurs due to unauthenticated remote code execution when an attacker passes arbitrary commands with an IP-ADDRESS using " | " to execute commands on "/diag tracert admin.asp" in the `PingTest` parameter. This leads to command execution. **Recommendations** For OPTILINK OP-XT71000N version V2.2, as a temporary workaround, consider restricting access to the "/diag tracert admin.asp" endpoint to minimize the risk of exploitation. Avoid using the `PingTest` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OPTILINK OP-XT71000N version V2.2, Firmware Version: OP V3.3.1-191028 **Description** A remote attacker can conduct a cross-site request forgery (CSRF) attack due to insufficient CSRF protections for the "mgm config file.asp" file. This allows an attacker to create a crafted "csrf form" that sends malicious XML data to the "/boaform/admin/formMgmConfigUpload" API endpoint. The exploit enables the attacker to gain full privileges and fully compromise the router and network. **Recommendations** For OPTILINK OP-XT71000N version V2.2, Firmware Version: OP V3.3.1-191028, as a temporary workaround, consider disabling access to the "/boaform/admin/formMgmConfigUpload" API endpoint until a patch is available. Restrict access to the "mgm config file.asp" file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028 **Description** A vulnerability allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to Add Network Traffic Control Type Rule. This issue enables an attacker to manipulate network traffic control settings without proper authentication. **Recommendations** For OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028, consider disabling the network traffic control feature until a patch is available to prevent exploitation of the CSRF vulnerability. Restrict access to the affected firmware version to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028 **Description** A vulnerability allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack, enabling a man-in-the-middle attack by adding new routes in RoutingConfiguration on the "/routing.asp" API endpoint. This issue can be exploited to intercept and manipulate traffic. **Recommendations** For OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028, consider disabling access to the "/routing.asp" API endpoint until a patch is available to prevent the addition of new routes in RoutingConfiguration. Restricting access to the RoutingConfiguration feature can also help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028 **Description** A vulnerability allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to enable or disable ports and to change port numbers through the "/rmtacc.asp" API endpoint. **Recommendations** For OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028, as a temporary workaround, consider restricting access to the "/rmtacc.asp" API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028 **Description** A vulnerability allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack, causing a Denial of Service by rebooting the router through the "/mgm dev reboot.asp" API endpoint. **Recommendations** For OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028, as a temporary workaround, consider restricting access to the "/mgm dev reboot.asp" API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Optilink OP-XT71000N Hardware version: V2.2, Firmware Version: OP V3.3.1-191028 **Description** A vulnerability allows an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack to change the Password for "WLAN SSID" through the "wlwpa.asp" page. **Recommendations** For Optilink OP-XT71000N Hardware version: V2.2, Firmware Version: OP V3.3.1-191028, consider disabling access to the "wlwpa.asp" page until a patch is available to prevent CSRF attacks. Restrict access to the WLAN SSID password change functionality to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** optilink OP-XT71000N version: V2.2 **Description** A vulnerability in the "/admin/wlmultipleap.asp" API endpoint of optilink OP-XT71000N could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to create Multiple WLAN BSSID. **Recommendations** For optilink OP-XT71000N version: V2.2, as a temporary workaround, consider restricting access to the "/admin/wlmultipleap.asp" API endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-615 T1 version 20.10 **Description** The issue allows remote attackers to bypass the CAPTCHA protection mechanism on the login page, enabling them to conduct brute-force attacks. **Recommendations** For D-Link DIR-615 T1 version 20.10, consider temporarily disabling the login page or restricting access to it until a patch is available to prevent brute-force attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.