Justin Case: Debug/test feature in init allows any user to execute shell commands as the root user on some Motorola and Sharp devices.
Lets see if we can bump my embarrassing presentation further down the page…
This vulnerability is being published now as the responsible parties have informed me that it will not be fixed due to no planned updates for the device. Very few devices are affected, seems to be limited to one small carrier (Republic Wireless) in the US.
At boot time init creates a socket at /dev/socket/init_runit, and accepts shell commands. When a command is sent, init executes the command as the root user.
Motorola Defy XT – Republic Wireless
The responsible parties for this have informed me that this issue will not be fixed due to the age of the affected device. Initial disclosure was July 9th 2013.