Vulnerability CVE-2018-13108


Published: 2018-07-06

Description:
All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
ADB Local Root Jailbreak
Johannes Greil
05.07.2018

Type:

CWE-noinfo

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Adbglobal -> Dv2210 firmware 
Adbglobal -> Prg av4202n firmware 
Adbglobal -> Vv2220 firmware 
Adbglobal -> Vv5522 firmware 

 References:
http://packetstormsecurity.com/files/148424/ADB-Local-Root-Jailbreak.html
http://seclists.org/fulldisclosure/2018/Jul/17
http://www.securityfocus.com/archive/1/542117/100/0/threaded
https://www.exploit-db.com/exploits/44983/
https://www.sec-consult.com/en/blog/advisories/local-root-jailbreak-via-network-file-sharing-flaw-in-all-adb-broadband-gateways-routers/

Copyright 2022, cxsecurity.com

 

Back to Top