{"vulnerability": "cve-2020-23591", "sightings": [{"uuid": "a0e7a818-ce1b-45bc-8f8c-1e3fbd02abe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-23591", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3466", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1awebshell\n\u63cf\u8ff0\uff1aARBITAR FILE UPLOAD LEADS TO \\\"delete every file for Denial of Service (using 'rm -rf *.*' in the code), reverse connection (using '.asp' webshell), backdoor , Escalation of Privileges, etc\\\".\nURL\uff1ahttps://github.com/huzaifahussain98/CVE-2020-23591\n\n\u6807\u7b7e\uff1a#webshell", "creation_timestamp": "2022-11-21T05:48:43.000000Z"}, {"uuid": "fb826be4-4bc4-4f76-9e03-27eabbf5728c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-23591", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13854", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-23591\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an attacker to upload arbitrary files through \" /mgm_dev_upgrade.asp \" which can \"delete every file for Denial of Service (using 'rm -rf *.*' in the code), reverse connection (using '.asp' webshell), backdoor.\n\ud83d\udccf Published: 2022-11-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T15:57:51.319Z\n\ud83d\udd17 References:\n1. https://github.com/huzaifahussain98/CVE-2020-23591", "creation_timestamp": "2025-04-29T16:12:46.000000Z"}, {"uuid": "662eee29-f682-4cda-837b-93200378edd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-23591", "type": "seen", "source": "https://t.me/cibsecurity/53394", "content": "\u203c CVE-2020-23591 \u203c\n\nA vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an attacker to upload arbitrary files through \" /mgm_dev_upgrade.asp \" which can \"delete every file for Denial of Service (using 'rm -rf *.*' in the code), reverse connection (using '.asp' webshell), backdoor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-23T07:13:42.000000Z"}]}