CVE-2014-8361
CRITICAL
9,8
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH
10,0
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: complete
Integrity: complete
Availability: complete
Description
AI Translation Available
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,9399
Percentile
1,0th
Updated
EPSS Score Trend (Last 90 Days)
Exploit
Realtek SDK - Miniigd UPnP SOAP Command Execution …
Verified Metasploit Framework (MSF)Realtek SDK - Miniigd UPnP SOAP Command Execution (Metasploit)
View Exploit Code →
Operating System
Dir-605L Firmware by Dlink
Version Range Affected
To
1.14b06
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-905L Firmware by Dlink
Version Range Affected
To
2.05b01
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-905l_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wr8165N Firmware by Aterm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wr8165n_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wf300Hp2 Firmware by Aterm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wf300hp2_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-615 Firmware by Dlink
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-615_firmware:10.01b02:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-501 Firmware by Dlink
Version Range Affected
To
1.01b04
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-501_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-619L Firmware by Dlink
Version Range Affected
To
1.15
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-619l_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-619L Firmware by Dlink
Version Range Affected
To
2.07b02
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-619l_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wg1200Hs2 Firmware by Aterm
Version Range Affected
To
2.5.0
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wg1200hs2_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-809 Firmware by Dlink
Version Range Affected
To
1.04b02
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-809_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wf800Hp Firmware by Aterm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wf800hp_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
W500P Firmware by Aterm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:w500p_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-515 Firmware by Dlink
Version Range Affected
To
1.01b04
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-515_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Realtek Sdk by Realtek
CPE Identifier
View Detailed Analysis
cpe:2.3:a:realtek:realtek_sdk:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
W300P Firmware by Aterm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:w300p_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-605L Firmware by Dlink
Version Range Affected
To
3.03b07
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wg1200Hp3 Firmware by Aterm
Version Range Affected
To
1.3.1
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wg1200hp3_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
W1200Ex Firmware by Aterm
Version Range Affected
To
1.3.1
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:w1200ex_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-605L Firmware by Dlink
Version Range Affected
To
2.07b02
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wg1200Hs Firmware by Aterm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wg1200hs_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-600L Firmware by Dlink
Version Range Affected
To
1.15
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wg1900Hp2 Firmware by Aterm
Version Range Affected
To
1.3.1
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wg1900hp2_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wg1200Hp Firmware by Aterm
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wg1200hp_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wg1800Hp4 Firmware by Aterm
Version Range Affected
To
1.3.1
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wg1800hp4_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-600L Firmware by Dlink
Version Range Affected
To
2.056b06
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
W1200Ex-Ms Firmware by Aterm
Version Range Affected
To
1.3.1
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:w1200ex-ms_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wg1900Hp Firmware by Aterm
Version Range Affected
To
2.5.1
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wg1900hp_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wg1800Hp3 Firmware by Aterm
Version Range Affected
To
1.5.1
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wg1800hp3_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-900L Firmware by Dlink
Version Range Affected
To
1.15b01
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-900l_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Dir-615 Firmware by Dlink
Version Range Affected
To
6.06b03
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:dlink:dir-615_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System
Wg1200Hp2 Firmware by Aterm
Version Range Affected
To
2.5.0
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:o:aterm:wg1200hp2_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014…
http://jvn.jp/en/jp/JVN47580234/index.html
http://jvn.jp/en/jp/JVN67456944/index.html
http://packetstormsecurity.com/files/132090/Realtek-SDK-Miniigd-UPnP-SOAP-Comma…
http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055
https://sensorstechforum.com/hinatabot-cve-2014-8361-ddos/
https://web.archive.org/web/20150909230440/http://securityadvisories.dlink.com/…
https://www.exploit-db.com/exploits/37169/
http://www.securityfocus.com/bid/74330
http://www.zerodayinitiative.com/advisories/ZDI-15-155/
http://jvn.jp/en/jp/JVN47580234/index.html
http://jvn.jp/en/jp/JVN67456944/index.html
http://packetstormsecurity.com/files/132090/Realtek-SDK-Miniigd-UPnP-SOAP-Comma…
http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055
https://sensorstechforum.com/hinatabot-cve-2014-8361-ddos/
https://web.archive.org/web/20150909230440/http://securityadvisories.dlink.com/…
https://www.exploit-db.com/exploits/37169/
http://www.securityfocus.com/bid/74330
http://www.zerodayinitiative.com/advisories/ZDI-15-155/