Vulnerability Description
All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adbglobal | Dv2210 Firmware | - |
| Adbglobal | Dv2210 | - |
| Adbglobal | Vv2220 Firmware | - |
| Adbglobal | Vv2220 | - |
| Adbglobal | Vv5522 Firmware | - |
| Adbglobal | Vv5522 | - |
| Adbglobal | Prg Av4202N Firmware | - |
| Adbglobal | Prg Av4202N | - |
References
- http://packetstormsecurity.com/files/148424/ADB-Local-Root-Jailbreak.htmlThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2018/Jul/17Mailing ListThird Party Advisory
- http://www.securityfocus.com/archive/1/542117/100/0/threaded
- https://www.exploit-db.com/exploits/44983/Third Party AdvisoryVDB Entry
- https://www.sec-consult.com/en/blog/advisories/local-root-jailbreak-via-network-ExploitThird Party Advisory
- http://packetstormsecurity.com/files/148424/ADB-Local-Root-Jailbreak.htmlThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2018/Jul/17Mailing ListThird Party Advisory
- http://www.securityfocus.com/archive/1/542117/100/0/threaded
- https://www.exploit-db.com/exploits/44983/Third Party AdvisoryVDB Entry
- https://www.sec-consult.com/en/blog/advisories/local-root-jailbreak-via-network-ExploitThird Party Advisory
FAQ
What is CVE-2018-13108?
CVE-2018-13108 is a vulnerability with a CVSS score of 7.8 (HIGH). All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract furthe...
How severe is CVE-2018-13108?
CVE-2018-13108 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-13108?
Check the references section above for vendor advisories and patch information. Affected products include: Adbglobal Dv2210 Firmware, Adbglobal Dv2210, Adbglobal Vv2220 Firmware, Adbglobal Vv2220, Adbglobal Vv5522 Firmware.