CVE-2018-13110

EUVD-2018-5059
All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
HIGH
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
Affected Products (NVD)
VendorProductVersion
adbglobaldv2210_firmware
-
adbglobalvv2220_firmware
-
adbglobalvv5522_firmware
-
adbglobalprg_av4202n_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/148430/ADB-Group-Manipulation-Privilege-Escalation.html
http://seclists.org/fulldisclosure/2018/Jul/19
http://www.securityfocus.com/archive/1/542118/100/0/threaded
https://www.exploit-db.com/exploits/44984/
https://www.sec-consult.com/en/blog/advisories/privilege-escalation-via-linux-group-manipulation-in-all-adb-broadband-gateways-routers/
http://packetstormsecurity.com/files/148430/ADB-Group-Manipulation-Privilege-Escalation.html
http://seclists.org/fulldisclosure/2018/Jul/19
http://www.securityfocus.com/archive/1/542118/100/0/threaded
https://www.exploit-db.com/exploits/44984/
https://www.sec-consult.com/en/blog/advisories/privilege-escalation-via-linux-group-manipulation-in-all-adb-broadband-gateways-routers/