ID CVE-2018-13108
Summary All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.
References
Vulnerable Configurations
  • cpe:2.3:o:adbglobal:dv2210_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:adbglobal:dv2210_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:adbglobal:dv2210:-:*:*:*:*:*:*:*
    cpe:2.3:h:adbglobal:dv2210:-:*:*:*:*:*:*:*
  • cpe:2.3:o:adbglobal:vv2220_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:adbglobal:vv2220_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:adbglobal:vv2220:-:*:*:*:*:*:*:*
    cpe:2.3:h:adbglobal:vv2220:-:*:*:*:*:*:*:*
  • cpe:2.3:o:adbglobal:vv5522_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:adbglobal:vv5522_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:adbglobal:vv5522:-:*:*:*:*:*:*:*
    cpe:2.3:h:adbglobal:vv5522:-:*:*:*:*:*:*:*
  • cpe:2.3:o:adbglobal:prg_av4202n_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:adbglobal:prg_av4202n_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:adbglobal:prg_av4202n:-:*:*:*:*:*:*:*
    cpe:2.3:h:adbglobal:prg_av4202n:-:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bugtraq 20180704 SEC Consult SA-20180704-0 :: Local root jailbreak via network file sharing flaw in all ADB Broadband Gateways / Routers
exploit-db 44983
fulldisc 20180704 SEC Consult SA-20180704-0 :: Local root jailbreak via network file sharing flaw in all ADB Broadband Gateways / Routers
misc
Last major update 03-10-2019 - 00:03
Published 06-07-2018 - 14:29
Last modified 03-10-2019 - 00:03
Back to Top