Lucene search

K
cveMitreCVE-2018-13108
HistoryJul 06, 2018 - 2:29 p.m.

CVE-2018-13108

2018-07-0614:29:01
mitre
web.nvd.nist.gov
52
adb
broadband
gateways
routers
epicentro platform
local root jailbreak
vulnerability
root access
isp
voip credentials
network attack
nvd
cve-2018-13108

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0.003

Percentile

66.0%

All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.

Affected configurations

Nvd
Node
adbglobaldv2210Match-
AND
adbglobaldv2210_firmwareMatch-
Node
adbglobalvv2220Match-
AND
adbglobalvv2220_firmwareMatch-
Node
adbglobalvv5522Match-
AND
adbglobalvv5522_firmwareMatch-
Node
adbglobalprg_av4202nMatch-
AND
adbglobalprg_av4202n_firmwareMatch-
VendorProductVersionCPE
adbglobaldv2210-cpe:2.3:h:adbglobal:dv2210:-:*:*:*:*:*:*:*
adbglobaldv2210_firmware-cpe:2.3:o:adbglobal:dv2210_firmware:-:*:*:*:*:*:*:*
adbglobalvv2220-cpe:2.3:h:adbglobal:vv2220:-:*:*:*:*:*:*:*
adbglobalvv2220_firmware-cpe:2.3:o:adbglobal:vv2220_firmware:-:*:*:*:*:*:*:*
adbglobalvv5522-cpe:2.3:h:adbglobal:vv5522:-:*:*:*:*:*:*:*
adbglobalvv5522_firmware-cpe:2.3:o:adbglobal:vv5522_firmware:-:*:*:*:*:*:*:*
adbglobalprg_av4202n-cpe:2.3:h:adbglobal:prg_av4202n:-:*:*:*:*:*:*:*
adbglobalprg_av4202n_firmware-cpe:2.3:o:adbglobal:prg_av4202n_firmware:-:*:*:*:*:*:*:*

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0.003

Percentile

66.0%