CVE-2014-8361
CVE-2014-8361
In short
A flaw in the Realtek SDK's miniigd SOAP service lets attackers run any code they want on affected devices by sending a specially crafted request. This is a critical vulnerability that has been actively exploited for years.
Technical detail
The miniigd SOAP service in Realtek SDK is vulnerable to unauthenticated remote code execution through a malformed NewInternalClient SOAP request. The vulnerability requires network access to the SOAP endpoint but no authentication; successful exploitation results in arbitrary code execution with device privileges.
Summary generated and translated by AI from the official description.
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 3
cve_referencewww.exploit-db.com/exploits/37169/unverifiedcve_referencepacketstormsecurity.com/files/132090/Realtek-SDK-Miniigd-UPnP-SOAP-Command-Execution.htmlunverifiedexploitdbwww.exploit-db.com/exploits/37169unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://jvn.jp/en/jp/JVN47580234/index.htmlhttp://jvn.jp/en/jp/JVN67456944/index.htmlhttp://packetstormsecurity.com/files/132090/Realtek-SDK-Miniigd-UPnP-SOAP-Command-Execution.htmlhttp://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055https://sensorstechforum.com/hinatabot-cve-2014-8361-ddos/https://web.archive.org/web/20150909230440/http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-8361https://www.exploit-db.com/exploits/37169/http://www.securityfocus.com/bid/74330http://www.zerodayinitiative.com/advisories/ZDI-15-155/