CVE-2018-13108

Sažetak

All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.

Reference

http://packetstormsecurity.com/files/148424/ADB-Local-Root-Jailbreak.html
http://seclists.org/fulldisclosure/2018/Jul/17
http://www.securityfocus.com/archive/1/542117/100/0/threaded
https://www.exploit-db.com/exploits/44983/
https://www.sec-consult.com/en/blog/advisories/local-root-jailbreak-via-network-file-sharing-flaw-in-all-adb-broadband-gateways-routers/

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

03-10-2019 - 00:03

Objavljeno

06-07-2018 - 14:29