CVE-2019-13405

2019-08-29T01:15:00
ID CVE-2019-13405
Type cve
Reporter cve@mitre.org
Modified 2019-09-05T14:18:00

Description

A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software.