Realtek SDK miniigd : Authentication Bypass - Remote Code Execution
08 May, 2015
Overview
There is a vulnerability in a Realtek SDK that allows unauthenticated remote code execution.
References
Discovered by Ricky "HeadlessZeke" Lawshae
Zero Day Initiative Disclosure Link
CVE Link
Description
The miniigd service fails to properly sanitize user input on its NewInternalClient function before performing a system call. A malicious user could craft a request which would lead to the device executing arbitrary code of the attacker's choosing.
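The class of fix the description points to, as an added example that is not code from this advisory, Realtek, or D-Link: validate the value against a strict allowlist, then pass it as a single argument instead of formatting it into a shell command. It assumes NewInternalClient carries a dotted-quad IPv4 address; the function names, HELPER_PATH and its options are hypothetical.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Assumption: NewInternalClient carries a dotted-quad IPv4 address.
 * Hypothetical helper (not Realtek or D-Link code): allowlist check that
 * rejects anything except digits and dots, then requires a strict parse. */
int internal_client_is_safe(const char *value)
{
    struct in_addr addr;
    size_t len;

    if (value == NULL)
        return 0;
    len = strlen(value);
    if (len < 7 || len > 15)                  /* "0.0.0.0" to "255.255.255.255" */
        return 0;
    if (strspn(value, "0123456789.") != len)  /* no spaces, quotes, ';', '|', '$' ... */
        return 0;
    return inet_pton(AF_INET, value, &addr) == 1;
}

/* Pattern to avoid: formatting the value into a string and passing it to
 * system(), which lets a shell interpret whatever the client sent.
 *
 * Hardened pattern: validate first, then build an argument vector that can be
 * handed to execv() so no shell ever parses the value. HELPER_PATH and its
 * options are placeholders, not a real tool's command line.
 * Returns 0 on success, -1 when the request must be rejected. */
#define HELPER_PATH "/usr/sbin/portmap-helper"   /* hypothetical */

int build_mapping_argv(const char *client, long port,
                       char portbuf[8], const char *argv[6])
{
    if (!internal_client_is_safe(client) || port < 1 || port > 65535)
        return -1;
    snprintf(portbuf, 8, "%ld", port);
    argv[0] = HELPER_PATH;
    argv[1] = "--client";
    argv[2] = client;       /* passed as one argument, never re-parsed */
    argv[3] = "--port";
    argv[4] = portbuf;
    argv[5] = NULL;
    return 0;
}
```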
Affected Product
Model Name | HW Version | Vulnerable Software | Vulnerable FW Version | New FW Version for this exploit fix
DIR-605L | A1/Bx | miniigd v1.08 | A1: 1.14B06 and older; Bx: 2.07B02 and older | FW A1: 1.16b01; FW B1: 2.08b02
Security patch for your D-Link Devices
These firmware updates address the security vulnerabilities in affected D-Link devices. D-Link will update this continually, and we strongly recommend that all users install the relevant updates.
As our products come in different hardware revisions, please check the revision of your device before downloading the corresponding firmware update. The hardware revision can usually be found on the product label on the underside of the product, next to the serial number. Alternatively, it can also be found in the device's web configuration.