Intrusion Prevention

D-Link.Products.Diagnostic.PHP.Remote.Command.Execution

Description

This indicates a possible attack against a Command Injection vulnerability in Multiple D-Link Devices.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when parsing HTTP requests. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted HTTP request.

Affected Products

DIR-815 v1.03b02
DIR-645 v1.02
DIR-645 v1.03
DIR-600 v2.16b01 and prior versions
DIR-300 revB v2.13b01
DIR-300 revB v2.14b01
DIR-412 Ver 1.14WWB02
DIR-456U Ver 1.00ONG
DIR-110 Ver 1.01

Impact

System Compromise: Remote attackers can execute arbitrary code on vulnerable systems.

Recommended Actions

Upgrade device to the latest firmware version.
http://www.dlink.com