Unrated severity · NVD Advisory · Published Nov 23, 2022 · Updated Apr 29, 2025

CVE-2020-23590

Description

A vulnerability in Optilink OP-XT71000N (hardware version V2.2, firmware version OP_V3.3.1-191028) allows an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack to change the password for "WLAN SSID" through "wlwpa.asp".

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

CSRF in the Optilink OP-XT71000N router allows an unauthenticated remote attacker to change the WLAN password via a crafted form.

Vulnerability

The Optilink OP-XT71000N router (Hardware Version: V2.2, Firmware Version: OP_V3.3.1-191028) contains a cross-site request forgery (CSRF) vulnerability in the wlwpa.asp endpoint [1]. This endpoint handles WLAN SSID password changes and does not implement any anti-CSRF tokens or origin validation, allowing an attacker to forge requests on behalf of an authenticated user [1].
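The two checks the paragraph above describes as absent, sketched as a server-side gate for state-changing requests. This is an added example, not Optilink firmware code; the UI origin, session secret, `csrf_token` and `wlan_password` field names, and all sample requests are constructed assumptions.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Assumptions, not taken from the advisory: the UI origin, the session
# secret, and the "csrf_token" field name are hypothetical.
DEFAULT_PORTS = {"http": 80, "https": 443}
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}

def origin_tuple(url):
    """Reduce a URL to (scheme, host, port), or None if it cannot be parsed."""
    try:
        parts = urlsplit(url)
        port = parts.port or DEFAULT_PORTS.get(parts.scheme)
    except ValueError:
        return None
    if not parts.scheme or not parts.hostname:
        return None
    return (parts.scheme, parts.hostname, port)

def issue_token(session_id, secret):
    """Per-session token the UI embeds as a hidden field in each form."""
    return hmac.new(secret, session_id.encode(), hashlib.sha256).hexdigest()

def allow_request(method, headers, form, session_id, secret, ui_origin):
    """Return (allowed, reason) for a request to the management interface."""
    if method.upper() not in STATE_CHANGING:
        return True, "read-only method"
    # Origin check: fall back to Referer, fail closed if both are absent.
    src = origin_tuple(headers.get("Origin") or headers.get("Referer") or "")
    if src is None or src != origin_tuple(ui_origin):
        return False, "cross-origin or unknown origin"
    # Token check: constant-time comparison against the session's token.
    sent = str(form.get("csrf_token", "")).encode()
    if not hmac.compare_digest(sent, issue_token(session_id, secret).encode()):
        return False, "missing or invalid CSRF token"
    return True, "ok"

# Constructed sample data: password-change POSTs as a browser would send them.
SECRET, SESSION, UI = b"constructed-secret", "sess-1", "http://192.168.1.1"
FORGED = ({"Origin": "http://attacker.example"}, {"wlan_password": "x"})
NO_TOKEN = ({"Origin": UI}, {"wlan_password": "x"})
GENUINE = ({"Origin": UI + ":80"},
           {"wlan_password": "x", "csrf_token": issue_token(SESSION, SECRET)})

if __name__ == "__main__":
    for name, (hdrs, form) in [("forged", FORGED), ("no token", NO_TOKEN), ("genuine", GENUINE)]:
        print(name, allow_request("POST", hdrs, form, SESSION, SECRET, UI))
```

Either check alone stops the forged request here; keeping both covers browsers or proxies that strip the Origin and Referer headers.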

Exploitation

An unauthenticated remote attacker can craft a malicious CSRF form and deliver it to an authenticated router administrator (e.g., via a link, email, or embedded on a page) [1]. If the victim visits the crafted form while authenticated to the router, the form automatically submits a password change request to /wlwpa.asp, altering the WLAN SSID password without the victim's knowledge or consent [1]. No special network position or other privileges are required beyond luring the victim to load the crafted content.

Impact

Successful exploitation allows the attacker to change the WLAN SSID password, effectively gaining unauthorized control over access to the wireless network [1]. This could lead to denial of service for legitimate users or enable the attacker to join the network with a known password, potentially leading to further compromise of connected devices. The integrity and availability of the wireless network are affected.

Mitigation

As of the latest available references, no official patch or firmware update has been released by Optilink to address this vulnerability [1]. Users are advised to avoid accessing the router's web interface while simultaneously browsing untrusted content, or to implement additional network-level protections such as restricting access to the management interface to trusted IPs only. Consider replacing the device if no patch becomes available.

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Optilink/OP-XT71000N
  • Range: hardware V2.2, firmware OP_V3.3.1-191028

Patches

0

No patches discovered yet.
