10 matches found
EUVD-2019-4899
Malware in sbrugna...
EUVD-2024-27366
Malicious code in bioql PyPI...
CVE-2024-2414
The primary channel is unprotected on Movistar 4G router affecting E version SWLD71-T1v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges...
CVE-2024-2414
CVE-2024-2414 affects Movistar 4G router (S_WLD71-T1_v2.0.201820). The issue is an unprotected primary channel with the adb service listening on port 5555, granting a root shell. Public sources report root-access via ADB pre-auth, high impact (C:H, I:H, A:H) with adjacent attack vector and no use...
CVE-2024-2414 Unprotected Primary Channel vulnerability in Movistar 4G router
The primary channel is unprotected on Movistar 4G router affecting E version SWLD71-T1v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges...
PT-2022-11070
Name of the Vulnerable Software and Affected Versions Android versions Android-11 through Android-12L Description The issue is related to a missing permission check in the broadcastPortInfo of AdbService.java. This could allow apps to run code as the shell user if wireless debugging is enabled,...
Improper access control
A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software...
CVE-2019-13405
CVE-2019-13405 affects AndroVideo Advan VD-1 firmware v230. The issue is broken access control allowing an unauthenticated POST to cgibin/AdbSetting.cgi to enable ADB, enabling the attacker to take control of the device as a relay or install mining software. The public docs do not provide a patch...
CVE-2019-13405 Advan VD-1 allows a remote user to enable Android Debug Bridge without any authentication
A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software...
Thousands of Android Devices Running Insecure Remote ADB Service
Despite warnings about the threat of leaving insecure remote services enabled on Android devices, manufacturers continue to ship devices with open ADB debug port setups that leave Android-based devices exposed to hackers. Android Debug Bridge ADB is a command-line feature that generally uses for...