CVE-2018-1998620

Name of the Vulnerable Software and Affected Versions D-Link DIR-822 versions Rev.B through Rev.C D-Link DIR-860L version Rev.B D-Link DIR-868L version Rev.B D-Link DIR-880L version Rev.A D-Link DIR-890L version Rev.A D-Link DIR-818LW version Rev.A D-Link DIR-822 version B1

Description The issue exists due to the failure to neutralize special elements used in the operating system command. Exploitation of this issue may allow a remote attacker to execute arbitrary commands using a specially crafted XML message to the /HNAP1 API endpoint, specifically to SetAccessPointMode, SetClientInfoDemo, or SetRouterSettings. This could impact the confidentiality, integrity, and availability of protected information.

Recommendations For D-Link DIR-822 versions Rev.B through Rev.C, update the firmware to a version that includes a fix for this issue. For D-Link DIR-860L version Rev.B, restrict access to the /HNAP1/SetAccessPointMode API endpoint until a patch is available. For D-Link DIR-868L version Rev.B, consider disabling the SetClientInfoDemo function until a fix is released. For D-Link DIR-880L version Rev.A, avoid using the SetRouterSettings API endpoint until the issue is resolved. For D-Link DIR-890L version Rev.A, apply configuration changes to minimize the risk of exploitation. For D-Link DIR-818LW version Rev.A, update the firmware to a version that includes a fix for this issue. For D-Link DIR-822 version B1, restrict access to the /HNAP1/SetRouterSettings API endpoint until a patch is available.