Intrusion Prevention

D-Link.Realtek.SDK.Miniigd.UPnP.SOAP.Command.Execution

Description

This indicates an attack attempt to exploit a Command Execution vulnerability in multiple D-Link routers.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious SOAP/XML file. A remote attacker may be able to exploit this to execute arbitrary code on vulnerable systems.

Affected Products

D-Link DIR-501 miniigd v1.08 and prior
D-Link DIR-515 miniigd v1.08 and prior
D-Link DIR-600L miniigd v1.08 and prior
D-Link DIR-605L miniigd v1.08 and prior
D-Link DIR-615 miniigd v1.08 and prior
D-Link DIR-619L miniigd v1.08 and prior
D-Link DIR-809 miniigd v1.07 and prior
D-Link DIR-900L miniigd v1.08 and prior
D-Link DIR-905L miniigd v1.08 and prior
Trendnet TEW-731BR miniigd v1.08 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable system.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055

CVE References

CVE-2014-8361

Other References

SAP10055 ZDI-15-155