D-Link.Realtek.SDK.Miniigd.UPnP.SOAP.Command.Execution
Description
This indicates an attack attempt to exploit a Command Execution vulnerability in multiple D-Link routers.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious SOAP/XML file. A remote attacker may be able to exploit this to execute arbitrary code on vulnerable systems.
Outbreak Alert
FortiGuard Labs continue to see Realtek SDK vulnerabilities being exploited in the wild with over 10,000+ average IPS detections per month to deploy and distribute Denial-of-service botnet malware such as new Hinata Botnet, RedGoBot, GooberBot and Marai based Botnet.
Affected Products
D-Link DIR-501 miniigd v1.08 and prior
D-Link DIR-515 miniigd v1.08 and prior
D-Link DIR-600L miniigd v1.08 and prior
D-Link DIR-605L miniigd v1.08 and prior
D-Link DIR-615 miniigd v1.08 and prior
D-Link DIR-619L miniigd v1.08 and prior
D-Link DIR-809 miniigd v1.07 and prior
D-Link DIR-900L miniigd v1.08 and prior
D-Link DIR-905L miniigd v1.08 and prior
Trendnet TEW-731BR miniigd v1.08 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable system.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055
Version Updates
Date | Version | Detail |
---|---|---|
2023-03-31 | 0.00345 |