Cloud Defense Logo

Products

Solutions

Company

CVE-2020-35757 : Vulnerability Insights and Analysis

Discover the vulnerability allowing unauthenticated users to gain root privileges on Libre Wireless LS9 LS1.5/p7040 devices through ADB over TCP. Learn how to mitigate and prevent unauthorized access.

An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices, allowing Unauthenticated Root ADB Access Over TCP.

Understanding CVE-2020-35757

What is CVE-2020-35757?

The vulnerability on Libre Wireless LS9 LS1.5/p7040 devices enables unauthenticated users to gain root privileges through ADB over TCP.

The Impact of CVE-2020-35757

The vulnerability allows unauthorized users to access the web interface and potentially compromise the LS9 module.

Technical Details of CVE-2020-35757

Vulnerability Description

The LS9 web interface permits ADB over TCP, which can be activated by sending a specific request to the web management interface without authentication.

Affected Systems and Versions

        Product: Libre Wireless LS9 LS1.5/p7040
        Version: Not specified

Exploitation Mechanism

        Unauthenticated users can exploit the vulnerability by sending crafted requests to the web interface endpoint, granting them root privileges on the LS9 module.

Mitigation and Prevention

Immediate Steps to Take

        Disable ADB over TCP functionality if not required
        Implement network segmentation to restrict access to vulnerable devices

Long-Term Security Practices

        Regularly update firmware and apply security patches
        Conduct security assessments and penetration testing to identify vulnerabilities

Patching and Updates

        Check for firmware updates from Libre Wireless to address the vulnerability

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now