Skip to content
Nuclei Templates

ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure

ID: CVE-2015-0554

Severity: critical

Author: daffainfo

Tags: cve2015,cve,pirelli,router,disclosure,edb,packetstorm,adb

Description

Section titled “Description”

ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6 does not properly restrict access to the web interface, which allows remote attackers to obtain sensitive information or cause a denial of service (device restart) as demonstrated by a direct request to (1) wlsecurity.html or (2) resetrouter.html.

YAML Source

Section titled “YAML Source”
id: CVE-2015-0554


info:
  name: ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure
  author: daffainfo
  severity: critical
  description: ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6 does not properly restrict access to the web interface, which allows remote attackers to obtain sensitive information or cause a denial of service (device restart) as demonstrated by a direct request to (1) wlsecurity.html or (2) resetrouter.html.
  impact: |
    An attacker can exploit this vulnerability to gain sensitive information from the router.
  remediation: |
    Apply the latest firmware update provided by the vendor to fix the information disclosure vulnerability.
  reference:
    - https://www.exploit-db.com/exploits/35721
    - http://packetstormsecurity.com/files/129828/Pirelli-ADSL2-2-Wireless-Router-P.DGA4001N-Information-Disclosure.html
    - https://nvd.nist.gov/vuln/detail/CVE-2015-0554
    - http://www.exploit-db.com/exploits/35721
    - https://github.com/ARPSyndicate/cvemon
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:C
    cvss-score: 9.4
    cve-id: CVE-2015-0554
    cwe-id: CWE-264
    epss-score: 0.0139
    epss-percentile: 0.86079
    cpe: cpe:2.3:o:adb:p.dga4001n_firmware:pdg_tef_sp_4.06l.6:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: adb
    product: p.dga4001n_firmware
  tags: cve2015,cve,pirelli,router,disclosure,edb,packetstorm,adb


http:
  - method: GET
    path:
      - "{{BaseURL}}/wlsecurity.html"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "var wpapskkey"
          - "var WscDevPin"
          - "var sessionkey"
        condition: and


      - type: status
        status:
          - 200
# digest: 4a0a0047304502201dbc34162d1c747d7de27e1fa02e5d882a007258a3775f3afafdb07fdb7d174d022100925cf116f087e10ff8e8f845f6bf91e4fdc20a85bc31f32fe1dad942855d2057:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2015/CVE-2015-0554.yaml"

View on Github