Vulnerability Description
All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adbglobal | Dv2210 Firmware | - |
| Adbglobal | Dv2210 | - |
| Adbglobal | Vv2220 Firmware | - |
| Adbglobal | Vv2220 | - |
| Adbglobal | Vv5522 Firmware | - |
| Adbglobal | Vv5522 | - |
| Adbglobal | Prg Av4202N Firmware | - |
| Adbglobal | Prg Av4202N | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/148430/ADB-Group-Manipulation-Privilege-EscExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2018/Jul/19ExploitMailing ListThird Party Advisory
- http://www.securityfocus.com/archive/1/542118/100/0/threadedThird Party AdvisoryVDB Entry
- https://www.exploit-db.com/exploits/44984/ExploitThird Party AdvisoryVDB Entry
- https://www.sec-consult.com/en/blog/advisories/privilege-escalation-via-linux-grExploitThird Party Advisory
- http://packetstormsecurity.com/files/148430/ADB-Group-Manipulation-Privilege-EscExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2018/Jul/19ExploitMailing ListThird Party Advisory
- http://www.securityfocus.com/archive/1/542118/100/0/threadedThird Party AdvisoryVDB Entry
- https://www.exploit-db.com/exploits/44984/ExploitThird Party AdvisoryVDB Entry
- https://www.sec-consult.com/en/blog/advisories/privilege-escalation-via-linux-grExploitThird Party Advisory
FAQ
What is CVE-2018-13110?
CVE-2018-13110 is a vulnerability with a CVSS score of 7.5 (HIGH). All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previou...
How severe is CVE-2018-13110?
CVE-2018-13110 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-13110?
Check the references section above for vendor advisories and patch information. Affected products include: Adbglobal Dv2210 Firmware, Adbglobal Dv2210, Adbglobal Vv2220 Firmware, Adbglobal Vv2220, Adbglobal Vv5522 Firmware.