Main Vulnerability Database SB2015021302

SB2015021302 - Command execution in D-Link DIR-645

Published: February 13, 2015 Updated: September 7, 2022

Security Bulletin ID SB2015021302

Severity

Critical

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) OS command injection (CVE-ID: CVE-2015-2051)

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The weakness exists due to OS command injection in the HNAP SOAP interface. A remote attacker can supply specially crafted input to inject and execute arbitrary shell commands via a GetDeviceSettings action to the HNAP interface.

Successful exploitation of the vulnerability may result in system compromise.

Note: the vulnerability is being exploited by various attachers to deliver several Mirai variants (e.g., Satori, JenX, etc.).

Remediation

Install update from vendor's website.

References

http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10051