CVE-2017-8404

Name of the Vulnerable Software and Affected Versions D-Link DCS-1130 devices (affected versions not specified)

Description An issue was discovered on D-Link DCS-1130 devices, where the device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. The POST parameters passed in this request result in being passed as commands to a "system" API in the function, thus resulting in command injection on the device. The library "libmailutils.so" has the vulnerable function "sub 1FC4" that receives the values sent by the POST request. The value set in POST parameter receiver1 is extracted in function "sub 15AC" which is then passed to the vulnerable system API call. The vulnerable library function is accessed in "cgibox" binary at address 0x0008F598 which calls the "mailLoginTest" function in "libmailutils.so" binary, resulting in the vulnerable POST parameter being passed to the library and causing the command injection issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.