All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/148424/ADB-Local-Root-Jailbreak.html | Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2018/Jul/17 | Mailing List Third Party Advisory |
http://www.securityfocus.com/archive/1/542117/100/0/threaded | |
https://www.exploit-db.com/exploits/44983/ | Third Party Advisory VDB Entry |
https://www.sec-consult.com/en/blog/advisories/local-root-jailbreak-via-network-file-sharing-flaw-in-all-adb-broadband-gateways-routers/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-07-06T14:00:00
Updated: 2018-10-09T18:57:01
Reserved: 2018-07-03T00:00:00
Link: CVE-2018-13108
JSON object: View
NVD Information
Status : Modified
Published: 2018-07-06T14:29:01.053
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-13108
JSON object: View
Redhat Information
No data.
CWE