CVE-2019-8312

Name of the Vulnerable Software and Affected Versions D-Link DIR-878 version 1.12A1

Description The issue is related to a Command Injection, allowing a remote attacker to execute arbitrary code and gain a root shell. This occurs when the twsystem function is called with untrusted input from the request body for the SetSysLogSettings API function, potentially via a crafted /HNAP1 POST request. The vulnerability is also associated with insufficient input sanitization in the SetSysLogSettings() function, which can be exploited by a remote attacker to execute arbitrary code.

Recommendations For D-Link DIR-878 version 1.12A1, consider disabling the SetSysLogSettings API function or restricting access to it until a patch is available. Additionally, avoid using the IPAddress field in the SetSysLogSettings API function with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.