Unrated severity · NVD Advisory · Published Nov 23, 2022 · Updated Apr 29, 2025

CVE-2020-23589

Description

A vulnerability in OPTILINK OP-XT71000N (Hardware Version: V2.2, Firmware Version: OP_V3.3.1-191028) allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to cause a denial of service by rebooting the router through "/mgm_dev_reboot.asp".

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

OPTILINK OP-XT71000N router firmware OP_V3.3.1-191028 allows unauthenticated CSRF via /mgm_dev_reboot.asp, enabling remote denial of service by rebooting the device.

Vulnerability

The OPTILINK OP-XT71000N router with Hardware Version V2.2 and Firmware Version OP_V3.3.1-191028 contains a vulnerability in the /mgm_dev_reboot.asp endpoint. An unauthenticated, remote attacker can trigger a cross-site request forgery (CSRF) attack, causing the device to reboot. No authentication or special configuration is required to access this endpoint [1].

Exploitation

An attacker can craft a malicious web page or HTML email that, when visited by an authenticated administrator of the router, sends an unauthorized request to /mgm_dev_reboot.asp. Because the router does not implement CSRF tokens or other anti-forgery measures, the request is processed as if it came from the legitimate user, resulting in an immediate reboot of the device [1].

Impact

Successful exploitation causes a denial of service (DoS) by rebooting the router, disrupting all network connectivity for users behind the device. The attacker does not obtain any data or persistent control, but the interruption can be repeated as long as the victim visits attacker-controlled content [1].

Mitigation

OPTILINK has not released a patched firmware version for this vulnerability as of the publication date (2022-11-23). Users should restrict access to the router's management interface to trusted networks only and consider disabling remote management if not required. No known workaround exists other than network-level controls. The CVE is not listed on CISA's Known Exploited Vulnerabilities catalog [1].
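
Because the only controls available are network-level, monitoring for forged reboot requests can complement them. The following is an added example, not code from the advisory or the vendor: it classifies HTTP metadata records for /mgm_dev_reboot.asp by whether the Referer host matches the router. The record field names (ts, src, host, uri, referrer) and the sample events are constructed assumptions standing in for whatever a LAN sensor exports.

```python
from urllib.parse import urlsplit

REBOOT_PATH = "/mgm_dev_reboot.asp"  # endpoint named in the advisory

# Constructed sample records, not real traffic. Field names are assumptions.
SAMPLE_EVENTS = [
    {"ts": "2022-11-23T10:00:01Z", "src": "192.168.1.20", "host": "192.168.1.1",
     "uri": "/mgm_dev_reboot.asp", "referrer": "http://192.168.1.1/status.asp"},
    {"ts": "2022-11-23T10:07:42Z", "src": "192.168.1.20", "host": "192.168.1.1",
     "uri": "/mgm_dev_reboot.asp", "referrer": "https://news.example/article.html"},
    {"ts": "2022-11-23T10:09:13Z", "src": "192.168.1.35", "host": "192.168.1.1:80",
     "uri": "/MGM_DEV_REBOOT.ASP?x=1", "referrer": ""},
    {"ts": "2022-11-23T10:11:00Z", "src": "192.168.1.35", "host": "192.168.1.1",
     "uri": "/status.asp", "referrer": "https://news.example/"},
]

def referrer_host(value):
    """Lower-cased host of a Referer value, or None if absent or unparseable."""
    if not value:
        return None
    try:
        return urlsplit(value).hostname
    except ValueError:
        return None

def classify(event):
    """None for other URIs; else 'same-origin', 'cross-site' or 'no-referrer'."""
    # Compare case-insensitively (conservative: the device's matching is unknown).
    if urlsplit(event["uri"]).path.lower() != REBOOT_PATH:
        return None
    ref = referrer_host(event.get("referrer"))
    if ref is None:
        return "no-referrer"  # direct request or stripped header: review manually
    target = event["host"].split(":")[0].lower()  # assumes IPv4 or DNS name
    return "same-origin" if ref == target else "cross-site"

def suspicious(events):
    """Reboot requests that did not originate from the router's own pages."""
    hits = []
    for e in events:
        label = classify(e)
        if label in ("cross-site", "no-referrer"):
            hits.append((e["ts"], e["src"], label))
    return hits

if __name__ == "__main__":
    for hit in suspicious(SAMPLE_EVENTS):
        print(*hit)
```

A "cross-site" hit is the pattern the Exploitation section describes; "no-referrer" hits are ambiguous and need correlation with what the client was browsing at the time.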

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 2

Patches: 0. No patches discovered yet.