ID |
CVE-2018-13108
|
Summary |
All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:o:adbglobal:dv2210_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:adbglobal:dv2210_firmware:-:*:*:*:*:*:*:*
-
cpe:2.3:h:adbglobal:dv2210:-:*:*:*:*:*:*:*
cpe:2.3:h:adbglobal:dv2210:-:*:*:*:*:*:*:*
-
cpe:2.3:o:adbglobal:vv2220_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:adbglobal:vv2220_firmware:-:*:*:*:*:*:*:*
-
cpe:2.3:h:adbglobal:vv2220:-:*:*:*:*:*:*:*
cpe:2.3:h:adbglobal:vv2220:-:*:*:*:*:*:*:*
-
cpe:2.3:o:adbglobal:vv5522_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:adbglobal:vv5522_firmware:-:*:*:*:*:*:*:*
-
cpe:2.3:h:adbglobal:vv5522:-:*:*:*:*:*:*:*
cpe:2.3:h:adbglobal:vv5522:-:*:*:*:*:*:*:*
-
cpe:2.3:o:adbglobal:prg_av4202n_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:adbglobal:prg_av4202n_firmware:-:*:*:*:*:*:*:*
-
cpe:2.3:h:adbglobal:prg_av4202n:-:*:*:*:*:*:*:*
cpe:2.3:h:adbglobal:prg_av4202n:-:*:*:*:*:*:*:*
|
CVSS |
Base: | 7.2 (as of 03-10-2019 - 00:03) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-noinfo |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
refmap
via4
|
bugtraq | 20180704 SEC Consult SA-20180704-0 :: Local root jailbreak via network file sharing flaw in all ADB Broadband Gateways / Routers | exploit-db | 44983 | fulldisc | 20180704 SEC Consult SA-20180704-0 :: Local root jailbreak via network file sharing flaw in all ADB Broadband Gateways / Routers | misc | |
|
Last major update |
03-10-2019 - 00:03 |
Published |
06-07-2018 - 14:29 |
Last modified |
03-10-2019 - 00:03 |