OPTILINK E-PON "MODEL NO: OP-XT71000N" with "HARDWARE VERSION: V2.2"; & "FIRMWARE VERSION: OP_V3.3.1-191028"
A vulnerability found in the "OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028" allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to men in the middle attack by adding New Routes in RoutingConfiguration on " /routing.asp ".
TARGET
/routing.asp
Attack Vector
Men in the middle attack is possible through CSRF by adding New Routes in RoutingConfiguration on " /routing.asp ".
REGARDS
Huzaifa Hussain