mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 11:05:39 +02:00
0xMarcio
866 B
866 B
CVE-2019-13405
Description
A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software.
POC
Reference
Github
No PoCs found on GitHub currently.