CVE-2020-23586

Name of the Vulnerable Software and Affected Versions OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028

Description A vulnerability allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to Add Network Traffic Control Type Rule. This issue enables an attacker to manipulate network traffic control settings without proper authentication.

Recommendations For OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP V3.3.1-191028, consider disabling the network traffic control feature until a patch is available to prevent exploitation of the CSRF vulnerability. Restrict access to the affected firmware version to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.