CRITICAL🇵🇱 Wersja polska

CVE-2023-51123

CVSS 9.8v3.1pub. 2024-01-10upd. 2025-06-20

An issue discovered in D-Link dir815 v.1.01SSb08.bin allows a remote attacker to execute arbitrary code via a crafted POST request to the service parameter in the soapcgi_main function of the cgibin binary component.

🤖 AI Analysis
How it works

An attacker sends a crafted HTTP POST request to the device's CGI component, passing a malicious value in the 'service' parameter handled by the soapcgi_main function in the cgibin binary component. Lack of proper input validation (CWE-78 — command injection) causes the passed value to be interpreted as a system command and executed in the device's context. The attack is possible remotely, without authentication and without user interaction, making it particularly dangerous.

Impact

An attacker can execute arbitrary code on the vulnerable device, gaining full control over the router, including the ability to modify configuration, intercept network traffic, and use the device as an entry point for further attacks on the internal network.

Mitigation & patch

Apply patches available from the manufacturer according to references. If an update is not available, it is recommended to restrict access to the device management interface through a firewall or isolate the device from untrusted networks, and consider replacing the device with a model actively supported by the manufacturer.

Who is affected

D-Link DIR-815 with firmware version 1.01SSb08.bin

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Dlink Dir 815

    HW
    Dlink
    wszystkie wersje
  • Dlink Dir 815 Firmware

    OS
    Dlink
    1.01ssb08.bin
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCECommand Injection
CWE
References

Related vulnerabilities

CVE-2018-25115CRITICAL10.0PL ✓ten sam produkt

D-Link DIR-series — nieuwierzytelniony command injection w service.cgi (root RCE)

CVE-2024-22651CRITICAL9.8PL ✓ten sam produkt

Command injection w routerze D-Link DIR-815 — podatność krytyczna (CVSS 9.8)

CVE-2018-10106CRITICAL9.8ten sam produkt

D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission byp...

CVE-2014-8888CRITICAL9.8ten sam produkt

The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02 allows remote atta...

CVE-2015-0150CRITICAL9.8ten sam produkt

The remote administration UI in D-Link DIR-815 devices with firmware before 2.07.B01 allows remote attackers t...