CVE-2018-13108

All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:adbglobal:dv2210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:adbglobal:dv2210:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:adbglobal:vv2220_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:adbglobal:vv2220:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:adbglobal:vv5522_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:adbglobal:vv5522:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:adbglobal:prg_av4202n_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:adbglobal:prg_av4202n:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:46

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/148424/ADB-Local-Root-Jailbreak.html - Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/148424/ADB-Local-Root-Jailbreak.html - Third Party Advisory, VDB Entry
References () http://seclists.org/fulldisclosure/2018/Jul/17 - Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2018/Jul/17 - Mailing List, Third Party Advisory
References () http://www.securityfocus.com/archive/1/542117/100/0/threaded - () http://www.securityfocus.com/archive/1/542117/100/0/threaded -
References () https://www.exploit-db.com/exploits/44983/ - Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/44983/ - Third Party Advisory, VDB Entry
References () https://www.sec-consult.com/en/blog/advisories/local-root-jailbreak-via-network-file-sharing-flaw-in-all-adb-broadband-gateways-routers/ - Exploit, Third Party Advisory () https://www.sec-consult.com/en/blog/advisories/local-root-jailbreak-via-network-file-sharing-flaw-in-all-adb-broadband-gateways-routers/ - Exploit, Third Party Advisory

Information

Published : 2018-07-06 14:29

Updated : 2024-11-21 03:46


NVD link : CVE-2018-13108

Mitre link : CVE-2018-13108

CVE.ORG link : CVE-2018-13108


JSON object : View

Products Affected

adbglobal

  • vv5522_firmware
  • prg_av4202n_firmware
  • dv2210_firmware
  • prg_av4202n
  • vv2220
  • vv5522
  • vv2220_firmware
  • dv2210