CVE-2018-20674

Name of the Vulnerable Software and Affected Versions D-Link DIR-822 C1 versions prior to v3.11B01Beta D-Link DIR-822-US C1 versions prior to v3.11B01Beta D-Link DIR-850L A* versions prior to v1.21B08Beta D-Link DIR-850L B* versions prior to v2.22B03Beta D-Link DIR-880L A* versions prior to v1.20B02Beta

Description The issue is related to the lack of input data sanitization in the firmware of D-Link routers. This allows an authenticated remote attacker to execute arbitrary commands.

Recommendations For D-Link DIR-822 C1 versions prior to v3.11B01Beta, update to v3.11B01Beta or later. For D-Link DIR-822-US C1 versions prior to v3.11B01Beta, update to v3.11B01Beta or later. For D-Link DIR-850L A* versions prior to v1.21B08Beta, update to v1.21B08Beta or later. For D-Link DIR-850L B* versions prior to v2.22B03Beta, update to v2.22B03Beta or later. For D-Link DIR-880L A* versions prior to v1.20B02Beta, update to v1.20B02Beta or later.