The security researcher at Dutch security audit firm Fox-IT, Eduardo Novella, has discovered two critical vulnerabilities affecting a model of ADB Pirelli home wireless router.
Novella decided to publicly disclose the vulnerabilities because the device manufacturer and the companies that are distributing the router on the market have ignored his reports.
This specific router, ADB Pirelli ADSL2 data gateway PDG A4001N, is provided by Spanish broadband provider Movistar and Argentinian ISP Arnet to their customers.
Novella discovered the first vulnerability in the Pirelli router early 2013, and he ethically reported it to both Pirelli and Movistar.
The researcher explained that it is very easy to exploit the flaw as reported in the official advisory:
“These routers are vulnerable to fetch HTML code from any IP public over the world. Neither authentication nor any protection to avoid unauthorized extraction of sensitive information,” he said.
The vulnerability coded as CVE-2015-0554 is an information disclosure flaw that could be exploited by an attacker to completely control the router settings and allow remote monitoring on home networks.
The vulnerability is serious because the attackers can exploit it to compose a botnet to run illegal activities (i.e. run a DDoS attack against a specific target.
The researcher also published the PoC code that can be used to extract session keys, the Wi-Fi’s network password, reboot the device, etc.
Novella suggests to disable the remote connection for secure the Pirelli router, another option for the owner of the Pirelli routers is to update the device’s firmware or install a third-party one (i.e. OpenWRT or DDWRT).
The second vulnerability discovered by Novella, coded CVE-2015-0558, could be exploited by an attacker to reverse-engineer the Pirelli router’s firmware and extract the default key generation algorithm and, consequently, to determine the device’s default Wi-Fi encryption keys.
(Security Affairs – ADB Pirelli, Hacking)
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…
The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their…
A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all…
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting…
The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the…
This website uses cookies.