Lucene search

[email protected]CVE-2015-0554

HistoryJan 21, 2015 - 6:59 p.m.

CVE-2015-0554

2015-01-2118:59:50

CWE-264

[email protected]

web.nvd.nist.gov

adb

p.dga4001n

router

firmware

security vulnerability

web interface

remote access

denial of service

nvd

cve-2015-0554

9.4 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:N/A:C

6.7 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

JSON

The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6 does not properly restrict access to the web interface, which allows remote attackers to obtain sensitive information or cause a denial of service (device restart) as demonstrated by a direct request to (1) wlsecurity.html or (2) resetrouter.html.

Affected configurations

NVD

Node

adbp.dga4001n_firmwareMatchpdg_tef_sp_4.06l.6

AND

adbp.dga4001n

CPENameOperatorVersion
adb:p.dga4001n_firmwareadb p.dga4001n firmwareeqpdg_tef_sp_4.06l.6

CPE	Name	Operator	Version
adb:p.dga4001n_firmware	adb p.dga4001n firmware	eq	pdg_tef_sp_4.06l.6

References

packetstormsecurity.com/files/129828/Pirelli-ADSL2-2-Wireless-Router-P.DGA4001N-Information-Disclosure.html

www.exploit-db.com/exploits/35721

9.4 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:N/A:C

6.7 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

JSON

Related for CVE-2015-0554

zdt1 prion1 cvelist1 nvd1 dsquare1 threatpost1 nuclei1 exploitpack1 packetstorm1 exploitdb1