CVE-2019-13405
CVE-2019-13405 affects AndroVideo Advan VD-1 firmware v230. The issue is broken access control allowing an unauthenticated POST to cgibin/AdbSetting.cgi to enable ADB, enabling the attacker to take control of the device as a relay or install mining software. The public docs do not provide a patch...