Intrusion PreventionD-Link.DWR.Series.Sip.Remote.Code.Execution
Description
This indicates an attack attempt to exploit a Remote Code Execution vulnerability in D-Link DWR series Router.
The vulnerability is due to the software's failure to adequately check user-supplied data in HTTP requests. Remote attackers may exploit this to execute arbitrary code.
Affected Products
D-Link DWR-116 Firmware V.1.06 and priors
D-Link DWR-512 Firmware V.2.02 and priors
D-Link DWR-712 Firmware V.2.02 and priors
D-Link DWR-912 Firmware V.2.02 and priors
D-Link DWR-921 Firmware V.2.02 and priors
D-Link DWR-111 Firmware V.1.01 and priors
Impact
System Compromise: Remote attackers can execute arbitrary code on vulnerable systems.
Recommended Actions
Currently we are not aware of any vendor supplied patch for this issue
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-05-16 | 27.789 | Name:D-Link. DWR. CVE-2018-10823. Remote. Code. Execution:D-Link. DWR. Series. Sip. Remote. Code. Execution |
| 2022-05-16 | 20.316 | Default_action:pass:drop |
| 2022-04-07 | 20.293 |
| ID | 51354 |
| Created | Mar 31, 2022 |
| Updated | May 15, 2024 |
| Risk |
|
| CVE ID | CVE-2018-10823 |
| Exploit Prediction Score | 95.68% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |