Eduardo Novella

**Name of the Vulnerable Software and Affected Versions** P.DGA4001N router version PDG TEF SP 4.06L.6 **Description** The issue allows remote attackers to obtain sensitive information or cause a denial of service, such as a device restart, by accessing the web interface. This can be achieved by making a direct request to API endpoints like "wlsecurity.html" or "resetrouter.html". **Recommendations** For version PDG TEF SP 4.06L.6, consider restricting access to the web interface as a temporary workaround until a patch is available. Avoid using the API endpoints "wlsecurity.html" and "resetrouter.html" to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.