⚠ Actively exploited

Added to CISA KEV on 2023-09-18. Federal agencies required to patch by 2023-10-09. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable..

CVE-2014-8361

CWE-20 — Improper Input Validation11 documents9 sources

Severity

9.8CRITICAL

EPSS

93.9%

top 0.13%

CISA KEV

KEV

Added 2023-09-18

Due 2023-10-09

Exploit

Exploited in wild

Active exploitation observed

Affected products

Dlink Dir-900l Firmware Aterm W1200ex-ms Firmware Aterm W1200ex Firmware +15 more

Timeline

PublishedMay 1

KEV addedSep 18

KEV dueOct 9

CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages18 packages

▶NVDdlink/dir-900l_firmware< 1.15b01

▶NVDaterm/w1200ex_firmware1.3.1

▶NVDdlink/dir-501_firmware1.01b04

▶NVDdlink/dir-515_firmware1.01b04

▶NVDdlink/dir-615_firmware6.06b03+1

🔴Vulnerability Details

GHSA

GHSA-r272-2vh9-q99x: The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request↗2022-05-13

▶

CVEList

CVE-2014-8361: The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the↗2015-05-01

▶

VulnCheck

Realtek SDK Improper Input Validation Vulnerability↗2014

▶

💥Exploits & PoCs

Exploit-DB

Realtek SDK - Miniigd UPnP SOAP Command Execution (Metasploit)↗2015-06-01

▶

🔍Detection Rules

Suricata

ET EXPLOIT Realtek SDK Miniigd UPnP SOAP Command Execution CVE-2014-8361 - Outbound↗2019-05-08

▶

Suricata

ET EXPLOIT Realtek SDK Miniigd UPnP SOAP Command Execution CVE-2014-8361↗2017-12-05

▶

📋Vendor Advisories

CISA

Realtek SDK Improper Input Validation Vulnerability↗2023-09-18

▶

🕵️Threat Intelligence

Unit42

IoT Malware Evolves to Harvest Bots by Exploiting a Zero-day Home Router Vulnerability↗2018-01-11

▶

Unit42

IoT Malware Evolves to Harvest Bots by Exploiting a Zero-day Home Router Vulnerability↗2018-01-11

▶

Threat Intel

Nexus Zeta

▶