Fortinet Discovers Remote Code Execution Vulnerability in D-Link DIR868
Fortinet's FortiGuard Labs has discovered an unauthenticated remote code execution vulnerability in the DIR868 routers shipped by the company D-Link.
D-Link manufactures a series of network routers directly competing with Linksys and Asus routers.
A malicious user can forge an authentication request that will trigger an unauthenticated buffer overflow thus allowing remote code execution with higher privileges on the vulnerable devices.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Oct 18, 2017
Upgrade your router to version 1.21.
This vulnerability was discovered by Tony Loi of Fortinet's FortiGuard Labs.