Details of VAR-201509-0226

ID

VAR-201509-0226

CVE

CVE-2015-5993

TITLE

Philippine Long Distance Telephone SpeedSurf 504AN and Kasda KW58293 contain multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#525276

DESCRIPTION

Buffer overflow in form2ping.cgi on Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to cause a denial of service (device outage) via a long ipaddr parameter. The Phillipine Long Distance Telephone (PLDT) company provides internet access in the Phillippines. The SpeedSurf 504AN and Kasda KW58293 modems distributed by PLDT contain multiple vulnerabilities. The BaudTec ADSL2+ Router may also be affected. PLDT SpeedSurf 504AN and Kasda KW58293 incorrectly use the form2ping.cgi page to send PING requests, allowing remote attackers to submit special \342\200\230ipaddr\342\200\231 parameters for denial of service attacks. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. The former is a product of the Philippine PLDT company. The latter is a product of China Hongcheng (Kasda) Digital Technology Co., Ltd. There is a buffer overflow vulnerability in the form2ping.cgi file of PLDT SpeedSurf 504AN device and Kasda KW58293 using GAN9.8U26-4-TX-R6B018-PH.EN firmware

Trust: 3.24

sources: NVD: CVE-2015-5993 // CERT/CC: VU#525276 // JVNDB: JVNDB-2015-004949 // CNVD: CNVD-2015-06098 // BID: 76526 // VULHUB: VHN-83954

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-06098

AFFECTED PRODUCTS

vendor:	philippine long distance telephone	model:	speedsurf 504an	scope:	eq	version:	gan9.8u26-4-tx-r6b018-hp.en	Trust: 1.6
vendor:	philippine long distance telephone	model:	kasda kw58293	scope:	eq	version:	-	Trust: 1.6
vendor:	philippine long distance telephone	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	kasda	model:	kw58293	scope:	eq	version:	none	Trust: 0.8
vendor:	kasda	model:	kw58293	scope:	eq	version:	firmware	Trust: 0.8
vendor:	philippine long distance telephone pldt	model:	speedsurf 504an	scope:	-	version:	-	Trust: 0.8
vendor:	philippine long distance telephone pldt	model:	speedsurf 504an	scope:	eq	version:	gan9.8u26-4-tx-r6b018-ph.en	Trust: 0.8
vendor:	philippine long distance telephone	model:	speedsurf 504an gan9.8u26-4-tx-r6b018-ph.en	scope:	-	version:	-	Trust: 0.6
vendor:	philippine long distance telephone	model:	kasda kw58293	scope:	-	version:	-	Trust: 0.6
vendor:	philippine long distance telephone	model:	speedsurf 504an gan9.8u26-4-tx-r6b01	scope:	-	version:	-	Trust: 0.3
vendor:	philippine long distance telephone	model:	kasda kw58293	scope:	eq	version:	0	Trust: 0.3

sources: CERT/CC: VU#525276 // CNVD: CNVD-2015-06098 // BID: 76526 // JVNDB: JVNDB-2015-004949 // CNNVD: CNNVD-201509-216 // NVD: CVE-2015-5993

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-5993
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-5993
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2015-06098
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201509-216
value:	HIGH
Trust: 0.6
VULHUB:	VHN-83954
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-5993
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2015-06098
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-83954
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2015-06098 // VULHUB: VHN-83954 // JVNDB: JVNDB-2015-004949 // CNNVD: CNNVD-201509-216 // NVD: CVE-2015-5993

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-83954 // JVNDB: JVNDB-2015-004949 // NVD: CVE-2015-5993

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201509-216

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201509-216

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-004949

PATCH

title:	KW58293	url:	http://www.kasda.cn/product_info.asp?id=232	Trust: 0.8
title:	PLDT - Philippine Long Distance Telephone Company	url:	http://www.pldt.com/	Trust: 0.8

sources: JVNDB: JVNDB-2015-004949

EXTERNAL IDS

db:	CERT/CC	id:	VU#525276	Trust: 4.2
db:	NVD	id:	CVE-2015-5993	Trust: 3.4
db:	JVN	id:	JVNVU98946427	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-004949	Trust: 0.8
db:	CNVD	id:	CNVD-2015-06098	Trust: 0.6
db:	CNNVD	id:	CNNVD-201509-216	Trust: 0.6
db:	BID	id:	76526	Trust: 0.4
db:	VULHUB	id:	VHN-83954	Trust: 0.1

sources: CERT/CC: VU#525276 // CNVD: CNVD-2015-06098 // VULHUB: VHN-83954 // BID: 76526 // JVNDB: JVNDB-2015-004949 // CNNVD: CNNVD-201509-216 // NVD: CVE-2015-5993

REFERENCES

url:	http://www.kb.cert.org/vuls/id/525276	Trust: 3.4
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5993	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu98946427/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5993	Trust: 0.8
url:	http://www.pldt.com/	Trust: 0.3

sources: CERT/CC: VU#525276 // CNVD: CNVD-2015-06098 // VULHUB: VHN-83954 // BID: 76526 // JVNDB: JVNDB-2015-004949 // CNNVD: CNNVD-201509-216 // NVD: CVE-2015-5993

CREDITS

Eskie Cirrus James Maquilang

Trust: 0.3

sources: BID: 76526

SOURCES

db:	CERT/CC	id:	VU#525276
db:	CNVD	id:	CNVD-2015-06098
db:	VULHUB	id:	VHN-83954
db:	BID	id:	76526
db:	JVNDB	id:	JVNDB-2015-004949
db:	CNNVD	id:	CNNVD-201509-216
db:	NVD	id:	CVE-2015-5993

LAST UPDATE DATE

2025-04-13T23:05:16.520000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#525276	date:	2016-04-17T00:00:00
db:	CNVD	id:	CNVD-2015-06098	date:	2015-09-22T00:00:00
db:	VULHUB	id:	VHN-83954	date:	2015-09-21T00:00:00
db:	BID	id:	76526	date:	2015-08-31T00:00:00
db:	JVNDB	id:	JVNDB-2015-004949	date:	2015-09-30T00:00:00
db:	CNNVD	id:	CNNVD-201509-216	date:	2015-09-22T00:00:00
db:	NVD	id:	CVE-2015-5993	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#525276	date:	2015-08-31T00:00:00
db:	CNVD	id:	CNVD-2015-06098	date:	2015-09-22T00:00:00
db:	VULHUB	id:	VHN-83954	date:	2015-09-21T00:00:00
db:	BID	id:	76526	date:	2015-08-31T00:00:00
db:	JVNDB	id:	JVNDB-2015-004949	date:	2015-09-30T00:00:00
db:	CNNVD	id:	CNNVD-201509-216	date:	2015-08-31T00:00:00
db:	NVD	id:	CVE-2015-5993	date:	2015-09-21T10:59:08.630