CVE-2018-6530


CVSS 9.8 CRITICAL · EPSS 96.6% · KEV · CWE-78
In short

A vulnerability in the soap.cgi web interface of several D-Link routers allows attackers to execute arbitrary commands on the device by sending specially crafted requests. This can give attackers complete control over your router.

Technical detail

OS command injection in soap.cgi (soapcgi_main function) allows unauthenticated remote attackers to execute arbitrary OS commands via unsanitized input in the 'service' parameter. The vulnerability affects multiple D-Link router models (DIR-880L, DIR-868L, DIR-865L, DIR-860L) and requires only network access to the affected device's web interface.
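A defender-side check for the input described above, as an added example that is not part of the original page or of D-Link's code: it scans HTTP access-log lines for soap.cgi requests whose `service` value falls outside a conservative allowlist. The log format (Common Log Format from a proxy or sensor in front of the device), the placement of `service` in the query string, the allowlist and the sample lines are all assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: a legitimate service name uses only these characters.
SAFE_SERVICE = re.compile(r"[A-Za-z0-9_.\-]+")
# Assumption: Common Log Format request field: "METHOD target HTTP/x.y"
REQUEST_LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def suspicious_service_values(line):
    """Return decoded 'service' values in one log line that fail the allowlist."""
    m = REQUEST_LINE.search(line)
    if not m:
        return []
    url = urlsplit(m.group("target"))
    if not url.path.lower().endswith("/soap.cgi"):
        return []  # only the endpoint named in the advisory is inspected
    # parse_qs percent-decodes once; blank values are kept so that an empty
    # or truncated 'service' is reported instead of silently skipped.
    values = parse_qs(url.query, keep_blank_values=True).get("service", [])
    return [v for v in values if not SAFE_SERVICE.fullmatch(v)]

def scan(lines):
    """Return (line number, client address, offending value) for each hit."""
    hits = []
    for n, line in enumerate(lines, 1):
        client = line.split(" ", 1)[0]
        for value in suspicious_service_values(line):
            hits.append((n, client, value))
    return hits

# Constructed sample lines (documentation address ranges, made-up service name).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Mar/2018:10:00:00 +0000] '
    '"POST /soap.cgi?service=WANIPConn1 HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Mar/2018:10:00:05 +0000] '
    '"POST /soap.cgi?service=WANIPConn1%3Bexample HTTP/1.1" 200 0',
    '192.0.2.10 - - [01/Mar/2018:10:00:09 +0000] '
    '"GET /index.php?service=a%3Bb HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for lineno, client, value in scan(SAMPLE_LOG):
        print(f"line {lineno}: {client} sent service={value!r}")
```

An allowlist is used rather than a list of shell metacharacters so that any unexpected byte in the parameter is reported, whatever encoding or separator was used.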

Summary generated and translated by AI from the official description.
OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
