Unsupported D-Link routers vulnerable to RCE flaws
Multiple D-Link routers have vulnerabilities in their Common Gateway Interface (CGI) that, if exploited, could result in remote code execution.

The Carnegie Mellon University Software Engineering Institute's CERT/CC reported that the CGI code has two flaws: the /apply_sec.cgi code is exposed to unauthenticated users, and the ping_ipaddr argument of the ping_test action fails to properly handle newline characters.

The result is that any arguments after a newline character sent as ping_ipaddr in a POST to /apply_sec.cgi are executed on the device with root privileges.

“By performing an HTTP POST request to a vulnerable router's /apply_sec.cgi page, a remote, unauthenticated attacker may be able to execute commands with root privileges on an affected device. This action can happen as the result of viewing a specially-crafted web page,” the report said.

The products affected are the DIR-655, DIR-866L, DIR-652, DHP-1565, DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835 and DIR-825.

There is currently no patch, update or workaround available for these problems. Additionally, D-Link no longer supports the affected routers.
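With no patch available, one thing defenders can do is inspect traffic headed for these devices. The following is an added example, not code from CERT/CC or D-Link: a check a proxy or log pipeline could apply to POST requests for /apply_sec.cgi, flagging any ping_ipaddr value that carries control characters or is not a plain IP address or hostname. The function names are hypothetical and the request bodies in the comments are constructed samples.

```python
import ipaddress
import re
from urllib.parse import parse_qs

# Plain hostname: dot-separated labels of letters, digits and hyphens.
# \Z anchors at the true end of the string, so a trailing newline never matches.
_HOSTNAME = re.compile(
    r"(?=.{1,253}\Z)"
    r"([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)*"
    r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\Z"
)


def is_safe_ping_target(value: str) -> bool:
    """Allowlist check: accept only an IP literal or a plain hostname."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return _HOSTNAME.match(value) is not None


def inspect_post(path: str, body: str) -> list:
    """Return findings for one HTTP POST (request path plus url-encoded body).

    Constructed sample bodies:
      ping_ipaddr=192.0.2.1                   -> no findings
      ping_ipaddr=192.0.2.1%0aPLACEHOLDER     -> control character finding
    """
    if path.split("?", 1)[0] != "/apply_sec.cgi":
        return []
    findings = []
    # parse_qs percent-decodes values, so an encoded newline (%0a) becomes "\n".
    fields = parse_qs(body, keep_blank_values=True)
    for value in fields.get("ping_ipaddr", []):
        if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in value):
            findings.append("control character in ping_ipaddr")
        elif not is_safe_ping_target(value):
            findings.append("ping_ipaddr is not an IP address or hostname")
    return findings
```

Because the report notes the request can be triggered by viewing a web page, the check is useful on traffic from the LAN side as well as from the internet.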