CVE-2018-6530 Scanner
Detects 'Remote Code Execution (RCE)' vulnerability in D-Link DIR-880L affects v. DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and before.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Domain, Ipv4
Toolbox
-
The D-Link DIR-880L is a popular wireless router used in both home and business settings. It provides high-speed wireless internet access and network connectivity to multiple devices, making it an essential tool for those who rely on the internet for work, study, entertainment and communication. The router provides remarkable features such as wireless AC connectivity, dual-band Wi-Fi, and Gigabit Ethernet ports, which makes it easier to manage your network.
However, the router has been found to have a security vulnerability known as CVE-2018-6530. This vulnerability is a command injection vulnerability that exists in soap.cgi (soap_cgi_main in cgibin). It is present in the firmware of D-Link DIR-880L, DIR-868L, DIR-865L, and DIR-860L routers. This vulnerability allows an attacker to execute arbitrary OS commands by sending a request using the service parameter.
If exploited, this vulnerability can lead to complete access to the router by an attacker, allowing them to gain control of the network. An attacker could gain access to private and confidential data, potentially stealing sensitive information such as passwords, banking details, and personal information. Moreover, an attacker could use the router as part of a Botnet to conduct further attacks or steal information from other connected networks.
Thankfully, with the pro features of the SecurityForEveryone.com platform, individuals and businesses can easily and quickly discover vulnerabilities in their digital assets. This platform scans for vulnerabilities, provides detailed reports, and suggests solutions to optimize security. By using its advanced capabilities, users can protect their digital assets effectively. Therefore, SecurityForEveryone.com is an essential tool that can help users to identify and solve security risks.
REFERENCES
- ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PATCH_NOTES_1.20B01_EN_WW.pdf
- ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PATCH_NOTES_1.11B01_EN_WW.pdf
- https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto
- ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PATCH_NOTES_1.10B01_EN_WW.pdf
- ftp://ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PATCH_NOTES_1.08B06_EN_WW.pdf
control security posture