EpiCentro Firmware 7.3.2+ Script Injection / Buffer Overflow

EpiCentro firmware version 7.3.2+ suffers from buffer overflow and script insertion vulnerabilities.


MD5 | 43779433ec8b0fd8934e3151327f3e97


The following vulnerabilities have been detected in the EpiCentro firmware 7.3.2+ being used on ADB VDSL modem / routers:

1. CVE-2018-7633 Script Injection in ADB EpiCentro 7.3.2+ login form language parameter https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7633 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7633>
Product: EpiCentro
Vendor: ADB Global
Tested Version: 7.3.2
CVE ID: 2018-7633
Severity: medium
Severity Rating: CVSS v3 Base Score: 5,4 AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Impact: Execution of injected Javascript
Locally Exploitable: no
Remotely Exploitable: Yes
Explanation: https://fschallock.wordpress.com/2018/10/08/cve-2018-7633-script-injection-in-the-login-form-language-parameter-of-adb-firmware-epicentro-7-3-2/ <https://fschallock.wordpress.com/2018/10/08/cve-2018-7633-script-injection-in-the-login-form-language-parameter-of-adb-firmware-epicentro-7-3-2/>

2. CVE-2018-7632 Buffer Overflow in ADB EpiCentro 7.3.2+ httpd leading to a Denial of Service condition https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7632 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7632>
Product: EpiCentro
Vendor: ADB Global
Tested Version: 7.3.2
CVE ID: 2018-7632
Severity: severe
Severity Rating: CVSS v3 Base Score: 7,5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Impact: Denial of Service
Locally Exploitable: no
Remotely Exploitable: Yes
Explanation: https://fschallock.wordpress.com/2018/10/08/cve-2018-7632-buffer-overflow-in-httpd-in-epicentro-e_7-3-2-allows-attackers-to-cause-a-denial-of-service-attack-remotely-via-a-specially-crafted-get-request/ <https://fschallock.wordpress.com/2018/10/08/cve-2018-7632-buffer-overflow-in-httpd-in-epicentro-e_7-3-2-allows-attackers-to-cause-a-denial-of-service-attack-remotely-via-a-specially-crafted-get-request/>

3. CVE-2018- 7631 Buffer Overflow in ADB EpiCentro 7.3.2+ httpd leading to Remote Code Execution (RCE) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7632 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7632>
Product: EpiCentro
Vendor: ADB Global
Tested Version: 7.3.2
CVE ID: 2018-7631
Severity: critical
Severity Rating: CVSS v3 Base Score: 10,0 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Impact: Code Execution
Locally Exploitable: no
Remotely Exploitable: Yes

Explanation: https://fschallock.wordpress.com/2018/10/07/cve-2018-7631-rce-in-adb-epicentro-7-3-2-httpd/ <https://fschallock.wordpress.com/2018/10/07/cve-2018-7631-rce-in-adb-epicentro-7-3-2-httpd/>

The vulnerabilities were discovered and disclosed to the manufacturer ADB and the ISP A1 Telekom Austria prior to general public announcement. In accordance to information received from both parties a fix has been produced and rolled out to all customers / devices. I have not examined the fix and therefore can not comment on its effectivity.

Felix




Related Posts