• April 18, 2024, 08:39:34 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DIR-868L - FortiGuard - pre-authenticated remote code execution vulnerability  (Read 2572 times)

GreenBay42

  • Administrator
  • Level 11 Member
  • *
  • Posts: 2752
DIR-868L - FortiGuard - pre-authenticated remote code execution vulnerability
« on: April 19, 2018, 09:42:04 AM »
Read info at https://www.fortinet.com/blog/threat-research/fortiguard-labs-discovers-vulnerability-in--d-link-router-dir868.html

Note this only affects the DIR-868L with firmware v1.09SHC (Singapore StarHub users)


The CGIBIN’s URI /authentication.cgi that handles authentication didn’t sanitize the input properly. As a result, a maliciously crafted HTTP request can cause a buffer overflow and lead to remote code execution.

Affected models: DIR868L

Affected firmware: v1.09SHC

Fixed firmware: v1.21SHCb03

Due to the severity and ease of exploitation of this vulnerability, FortiGuard Labs has followed a responsible disclosure protocol, which includes only releasing a partial disclosure as a warning for our customers, but which does not include code samples or a detailed description of the exploit.

We have recently observed that more than one hundred devices reachable via the internet are still using the old firmware, and are affected by this vulnerability. If you own any of the affected models, please go to http://www.dlink.com.sg/dir-868l/#firmware to update your device to the latest version as soon as possible.

Logged