
Ouch! Home router security "bypass" actually means no security AT ALL

  • January 15, 2015
  • 1 reply
  • 149 views

Jasper_The_Rasper
Moderator
Ridiculous!!!!!!!!
 
by Paul Ducklin on January 15, 2015
 
 


About two years ago, a Spanish security researcher named Eduardo Novella found an astonishing bug in the Pirelli P.DGA4001N routers that were used by a Spanish ISP.
After a long wait, he's now gone public with what must be the most straightforward Proof of Concept "code" ever seen.
Very simply put, Novella claims that the router's administration web pages are visible on the external (internet-facing) interface.
And by "visible" he means just that.
Imagine that you were on the inside of your network, and you tried to go to a router setup page such as:
 
http://10.0.0.1/wifisetup.html 
Full Article

1 reply

  • Community Guide
  • 5988 replies
  • January 16, 2015

Posted on 16 January 2015. Spanish security researcher Eduardo Novella has discovered two critical vulnerabilities affecting a specific ADB Pirelli home wireless router deployed by Spanish broadband provider Movistar and Argentinian ISP Arnet.

The vulnerable device is ADB Pirelli ADSL2 data gateway PDG A4001N, and according to Novella, who's currently an intern at Dutch security audit firm Fox-IT, he discovered the first vulnerability in early 2013, and dutifully disclosed it to both Pirelli and Movistar.

This is an information disclosure flaw (CVE-2015-0554) that makes the device vulnerable to being hijacked and misused by remote attackers who can then monitor what's going on in specific home networks, make changes to the settings, open ports, make the router part of a botnet, and so on.

The attack is trivial to execute, and Novella published PoC code that can be used to extract session keys, the Wi-Fi's network password, reboot the device, etc.

Full article
