HomePentest-Tools.com Logo

D-Link DIR Routers OS Command Injection Vulnerability (Mar 2018) CVE-2018-6530

Severity
CVSSv3 Score
9.8
Vulnerability description

D-Link Routers DIR-860L, DIR-865L, DIR-868L and DIR-880L are prone to an OS command injection vulnerability.

Risk description

The OS command injection is possible through the service parameter in soap.cgi. Successful exploitation would allow an attacker to execute arbitrary OS commands, effectively gaining complete control over the target system.

Recommendation

Update to DIR-860L 1.11, DIR-865L 1.10, DIR-868L 1.20 or DIR-880L 1.08b06 respectively.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 6, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available