CVEs-PoC/2018/CVE-2018-13108.md

### [CVE-2018-13108](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13108)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.

### POC

#### Reference
- http://packetstormsecurity.com/files/148424/ADB-Local-Root-Jailbreak.html
- http://seclists.org/fulldisclosure/2018/Jul/17
- https://www.exploit-db.com/exploits/44983/
- https://www.sec-consult.com/en/blog/advisories/local-root-jailbreak-via-network-file-sharing-flaw-in-all-adb-broadband-gateways-routers/

#### Github
No PoCs found on GitHub currently.