CVE-2020-12123

Vulnerability

The WAVLINK WN530H4 router running firmware version M30H4.V5030.190403 does not implement CSRF tokens on endpoints under the /cgi-bin/ directory. This CSRF vulnerability allows an attacker to trigger actions on the router if an authenticated user visits a malicious page.

Exploitation

An attacker can craft a malicious website or email that, when visited by an authenticated router user, sends requests to the router's /cgi-bin/ endpoints. Since the endpoints lack CSRF protection, the attacker's requests are executed as if they came from the legitimate user. No additional authentication or user interaction beyond visiting the malicious page is required.

Impact

Successful exploitation allows the attacker to remotely access router endpoints with the privileges of the authenticated user. This could lead to unauthorized changes to router settings, including configuration modifications, or other actions permitted by the router's admin interface.

Mitigation

As of the publication date (2020-10-02), no firmware update is mentioned in available references. Users should consider workarounds such as disabling remote management or using a VPN to protect the router's management interface. The vendor's product page [1] does not provide security patches.