OPTILINK E-PON "MODEL NO: OP-XT71000N" with "HARDWARE VERSION: V2.2"; & "FIRMWARE VERSION: OP_V3.3.1-191028"
Found vulnerability in the "OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028" allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to Reset ONU to Factory Default through ' /mgm_dev_reset.asp '. resetting to default leads to Escalation of Privileges by logging-in with default credentials.
TARGET
/mgm_dev_reset.asp
Attack Vector
CSRF attack leads to Reset ONU to Factory Default through ' /mgm_dev_reset.asp '.
REGARDS
Huzaifa Hussain