CVE-2020-23590
OPTILINK E-PON "MODEL NO: OP-XT71000N" with "HARDWARE VERSION: V2.2"; & "FIRMWARE VERSION: OP_V3.3.1-191028"
Vulnerability found in the "Optilink OP-XT71000N Hardware version: V2.2 , Firmware Version: OP_V3.3.1-191028" which allow an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack to change the Password for "WLAN SSID" through "wlwpa.asp".
TARGET
/wlwpa.asp
Attack Vector
crafted csrf form leads to change the password for "WLAN SSID" through "wlwpa.asp".
REGARDS
Huzaifa Hussain