All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/148424/ADB-Local-Root-Jailbreak.html | Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2018/Jul/17 | Mailing List Third Party Advisory |
http://www.securityfocus.com/archive/1/542117/100/0/threaded | |
https://www.exploit-db.com/exploits/44983/ | Third Party Advisory VDB Entry |
https://www.sec-consult.com/en/blog/advisories/local-root-jailbreak-via-network-file-sharing-flaw-in-all-adb-broadband-gateways-routers/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
No history.
Information
Published : 2018-07-06 14:29
Updated : 2024-02-28 16:25
NVD link : CVE-2018-13108
Mitre link : CVE-2018-13108
CVE.ORG link : CVE-2018-13108
JSON object : View
Products Affected
adbglobal
- vv5522
- prg_av4202n
- prg_av4202n_firmware
- dv2210_firmware
- vv2220
- dv2210
- vv2220_firmware
- vv5522_firmware
CWE