CVE-2020-23593

Description

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery (CSRF) attack to enable syslog mode through /mgm_log_cfg.asp. The system starts to log events, Remote mode or Both mode on "Syslog -- Configuration page" logs events and sends to remote syslog server IP and Port.