Vulnerability Details CVE-2018-13110
All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.138
EPSS Ranking 94.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 8.5
References
- http://packetstormsecurity.com/files/148430/ADB-Group-Manipulation-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2018/Jul/19
- http://www.securityfocus.com/archive/1/542118/100/0/threaded
- https://www.exploit-db.com/exploits/44984/
- https://www.sec-consult.com/en/blog/advisories/privilege-escalation-via-linux-group-manipulation-in-all-adb-broadband-gateways-routers/
- http://packetstormsecurity.com/files/148430/ADB-Group-Manipulation-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2018/Jul/19
- http://www.securityfocus.com/archive/1/542118/100/0/threaded
- https://www.exploit-db.com/exploits/44984/
- https://www.sec-consult.com/en/blog/advisories/privilege-escalation-via-linux-group-manipulation-in-all-adb-broadband-gateways-routers/
Products affected by CVE-2018-13110
-
cpe:2.3:h:adbglobal:dv2210:-
-
cpe:2.3:h:adbglobal:prg_av4202n:-
-
cpe:2.3:h:adbglobal:vv2220:-
-
cpe:2.3:h:adbglobal:vv5522:-
-
cpe:2.3:o:adbglobal:dv2210_firmware:-
-
cpe:2.3:o:adbglobal:prg_av4202n_firmware:-
-
cpe:2.3:o:adbglobal:vv2220_firmware:-
-
cpe:2.3:o:adbglobal:vv5522_firmware:-