#VU13616 Authorization bypass in Advanced Digital Broadcast products - CVE-2018-13109
Published: July 9, 2018 / Updated: June 17, 2021
Vulnerability identifier: #VU13616
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2018-13109
CWE-ID: CWE-862
Exploitation vector: Local access
Exploit availability:
Public exploit is available
Vulnerable software:
ADB VV 2220
ADB VV 5522
ADB DV 2210
ADB P.RG AV4202N
Software vendor:
Advanced Digital Broadcast
Description
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists in ADB broadband gateways and routers based on the Epicentro platform and is due to an authorization bypass. A local attacker can access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP), and can enable the TELNET server or change other settings as well.
Remediation
Install the update from the vendor's website.