CVE-2018-13109

Name: CVE-2018-13109
Creator: NVD / NIST
Published: 2018-07-06T14:29:01.1+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 35.86%

Last modified Jun 17, 2026

CVE-2018-13109 is a vulnerability of currently unknown severity. All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be able to enable the TELNET server or other settings as well.. EPSS estimates a 35.86% chance of exploitation in the next 30 days.

Description

All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be able to enable the TELNET server or other settings as well.

Metrics

EPSS Probability

35.86%

98.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-863

Affected Software

Vendor	Product	Versions
Adbglobal	Dv2210 Firmware	All versions
Adbglobal	Vv2220 Firmware	All versions
Adbglobal	Vv5522 Firmware	All versions
Adbglobal	Prg Av4202n Firmware	All versions

References

http://packetstormsecurity.com/files/148429/ADB-Authorization-Bypass.htmlThird Party Advisory, VDB Entry
http://seclists.org/fulldisclosure/2018/Jul/18Mailing List, Third Party Advisory
http://www.securityfocus.com/archive/1/542119/100/0/threadedThird Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/44982/Third Party Advisory, VDB Entry
https://www.sec-consult.com/en/blog/advisories/authorization-bypass-in-all-adb-broadband-gateways-routers/Exploit, Third Party Advisory
http://packetstormsecurity.com/files/148429/ADB-Authorization-Bypass.htmlThird Party Advisory, VDB Entry
http://seclists.org/fulldisclosure/2018/Jul/18Mailing List, Third Party Advisory
http://www.securityfocus.com/archive/1/542119/100/0/threadedThird Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/44982/Third Party Advisory, VDB Entry
https://www.sec-consult.com/en/blog/advisories/authorization-bypass-in-all-adb-broadband-gateways-routers/Exploit, Third Party Advisory

Timeline

Published: Jul 6, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-13109?

How severe is CVE-2018-13109?

Severity scoring for CVE-2018-13109 is pending analysis. The EPSS model estimates a 35.86% probability of exploitation in the next 30 days.

How do I fix CVE-2018-13109?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-13109?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST