← Voltar para CVEs
CVE-2018-13109
N/ADescricao
All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be able to enable the TELNET server or other settings as well.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado7/6/2018
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
adbglobal:dv2210adbglobal:dv2210_firmwareadbglobal:prg_av4202nadbglobal:prg_av4202n_firmwareadbglobal:vv2220adbglobal:vv2220_firmwareadbglobal:vv5522adbglobal:vv5522_firmware
Fraquezas (CWE)
CWE-863
Referencias
http://seclists.org/fulldisclosure/2018/Jul/18(cve@mitre.org)
http://www.securityfocus.com/archive/1/542119/100/0/threaded(cve@mitre.org)
https://www.exploit-db.com/exploits/44982/(cve@mitre.org)
https://www.sec-consult.com/en/blog/advisories/authorization-bypass-in-all-adb-broadband-gateways-routers/(cve@mitre.org)
http://packetstormsecurity.com/files/148429/ADB-Authorization-Bypass.html(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2018/Jul/18(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/542119/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/44982/(af854a3a-2127-422b-91ae-364da2661108)
https://www.sec-consult.com/en/blog/advisories/authorization-bypass-in-all-adb-broadband-gateways-routers/(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.