PT-2018-3890 · D-Link · D-Link DIR-619L+1

Published: 2018-12-11 · Updated: 2023-04-26 · CVE-2018-20057

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

D-Link DIR-619L version 2.06B1
D-Link DIR-605L version 2.12B1

Description

An issue was discovered in the /bin/boa component of D-Link DIR-619L and DIR-605L devices. The goform/formSysCmd endpoint allows remote authenticated users to execute arbitrary OS commands via the sysCmd POST parameter. This is related to a failure to neutralize special elements used in the operating system command. Exploitation of this issue may allow a remote attacker to execute arbitrary commands.

Recommendations

For D-Link DIR-619L version 2.06B1, consider disabling the goform/formSysCmd endpoint until a patch is available. For D-Link DIR-605L version 2.12B1, restrict access to the sysCmd parameter in the goform/formSysCmd endpoint to minimize the risk of exploitation.
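The root cause named above is a failure to neutralize shell metacharacters in the sysCmd parameter before it reaches the operating system. The following is an added example, not code from D-Link's firmware or from this advisory, of how such a handler is hardened: the parameter is parsed into an argument vector, only an allowlist of diagnostic programs and their numeric flags is accepted, the target must be a bare hostname or IPv4 literal, and whatever survives is run without a shell. The command and flag allowlist, the regular expressions and the `run_sys_cmd` helper are assumptions made for the illustration; the endpoint and parameter names come from the advisory.

```python
import re
import shlex
import subprocess

# Assumed allowlist: the only programs a "system command" web form for a router
# diagnostics page should ever run, each with the numeric flags it may take.
ALLOWED_COMMANDS = {
    "ping": {"-c", "-w"},
    "traceroute": {"-m", "-w"},
}

# A target is a hostname or dotted IPv4 literal: letters, digits, dots and
# hyphens only. Shell metacharacters (; | & $ ` newline, quotes) cannot match.
TARGET_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?$")
# Flag values are small positive integers (packet counts, hop limits, timeouts).
NUMBER_RE = re.compile(r"^[0-9]{1,3}$")


def validate_sys_cmd(value):
    """Return an argv list if `value` is a permitted diagnostic command, else None.

    This replaces the vulnerable pattern of concatenating the raw POST
    parameter into a shell command line: every token is checked against a
    positive allowlist and the result is only ever passed to subprocess
    without a shell, so special elements have nothing to neutralize.
    """
    try:
        argv = shlex.split(value)  # raises ValueError on unbalanced quotes
    except ValueError:
        return None
    if not argv or argv[0] not in ALLOWED_COMMANDS:
        return None
    flags = ALLOWED_COMMANDS[argv[0]]
    tokens = iter(argv[1:])
    target_seen = False
    for tok in tokens:
        if tok in flags:
            num = next(tokens, None)
            if num is None or not NUMBER_RE.match(num):
                return None
        elif not target_seen and TARGET_RE.match(tok):
            target_seen = True
        else:
            # Anything else: a second target, a stray metacharacter token,
            # an unknown flag, or a bare word that is not a host.
            return None
    return argv if target_seen else None


def run_sys_cmd(value, timeout=10):
    """Execute a validated diagnostic command with no shell involved.

    Returns the completed process, or None when the input was rejected.
    (Not exercised by the tests; it would run ping/traceroute on the host.)
    """
    argv = validate_sys_cmd(value)
    if argv is None:
        return None
    return subprocess.run(argv, shell=False, capture_output=True, timeout=timeout)


if __name__ == "__main__":
    # Constructed sample inputs, not observed traffic.
    for sample in ("ping -c 1 192.0.2.1", "ping -c 1 192.0.2.1; id", "ls /"):
        print(repr(sample), "->", validate_sys_cmd(sample))
```

Rejection, not escaping, is the design choice here: a router diagnostics form has a tiny legitimate input space, so enumerating it is simpler and safer than trying to quote arbitrary strings for a shell. Pair the validator with the advisory's access-control advice (authenticated, LAN-only reach to goform/formSysCmd), since the CVSS vector already credits the attacker with a valid session.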

Exploit

Fix

Weakness Enumeration

OS Command Injection

Related Identifiers

BDU:2023-02935
CVE-2018-20057

Affected Products

D-Link DIR-605L
D-Link DIR-619L