Realtek SDK miniigd : Authentication Bypass - Remote Code Execution

Freitag 8 Mai 2015 15:29

Overview

There is a vulnerability in a RealTek SDK, which allowed unauthenticated remote code execution.
 
References

Discovered by Ricky "HeadlessZeke" Lawshae
Zero Day Initiative Disclosure 
Link
CVE Link
 
Description

The miniigd service fails to properly sanitize user input on its NewInternalClient function before performing a system call.  A malicious user could craft a request which would lead to the device executing arbitrary code of the attacker's choosing.


Affected Product
 

Model Name

HW Version

Vulnerable Software

Vulnerable FW Version

New FW Version for this exploit fix

DIR-605L

A1/Bx

miniigd v1.08

A1: 1.14B06 and older

Bx: 2.07B02 and older

FW A1: 1.16b01

FW B1: 2.08b02

Security patch for your D-Link Devices
 
These firmware updates address the security vulnerabilities in affected D-Link devices. D-Link will update this continually and we strongly recommend all users to install the relevant updates.
 
As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update. The hardware revision information can usually be found on the product label on the underside of the product next to the serial number. Alternatively, they can also be found on the device web configuration.

Weitersagen

Pressekontakt