Freeciv exploit11/11/2023 It is possible to access forbidden entries within the first layer of the web GUI, any further subsequent layers/paths (sub menus) were not possible to access during testing but further exploitation can't be ruled out entirely. An authenticated attacker is able to bypass those restrictions by adding a second slash in front of the forbidden entry of the path in the URL. Vulnerability overview/description: - 1) Authorization bypass vulnerability (CVE-2018-13109) Depending on the firmware version/feature-set of the ISP deploying the ADB device, a standard user account may not have all settings enabled within the web GUI. It is assumed that further critical vulnerabilities exist within the firmware of this device. It is highly recommended by SEC Consult to perform a thorough security review by security professionals for this platform. the default one provided by the ISP or printed on the device can be used. The attacker needs some user account, regardless of the permissions, for login, e.g. enable the telnet server for remote access if it had been previously disabled by the ISP. It is also possible to manipulate settings to e.g. ADB employs over 500 people, of which 70% are in engineering functions." Source: Business recommendation: - By exploiting the authorization bypass vulnerability on affected and unpatched devices an attacker is able to gain access to settings that are otherwise forbidden for the user, e.g. ADB has sold over 60 million devices worldwide to cable, satellite, IPTV and broadband operators. The company sold its first set-top box in 1997 and since then has been delivering a number of set-top boxes, and Gateway devices, together with advanced software platforms. We combine ADB know-how and products with those from a number of third party industry leaders to deliver complete solutions that benefit from collaborative thinking and best in class technologies." Source: "Founded in 1995, ADB initially focused on developing and marketing software for digital TV processors and expanded its business to the design and manufacture of digital TV equipment in 1997. fixed version: see "Solution" section below CVE number: CVE-2018-13109 impact: critical homepage: found: by: Johannes Greil (Office Vienna) SEC Consult Vulnerability Lab An integrated part of SEC Consult Europe | Asia | North America = Vendor description: - "ADB creates and delivers the right solutions that enable our customers to reduce integration and service delivery challenges to increase ARPU and reduce churn. SEC Consult Vulnerability Lab Security Advisory = title: Authorization Bypass product: All ADB Broadband Gateways / Routers (based on Epicentro platform) vulnerable version: Hardware: ADB P.RG AV4202N, DV2210, VV2220, VV5522, etc.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |