CVE-2013-5946: OS Command Injection
First published: Thu Dec 19 2013(Updated: )
The runShellCmd function in systemCheck.htm in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "Ping or Trace an IP Address" or (2) "Perform a DNS Lookup" section.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| D-Link DSR-500 | <=1.08b51 | |
| D-Link DSR-500 | =1.02b11 | |
| D-Link DSR-500 | =1.02b25 | |
| D-Link DSR-500 | =1.03b12 | |
| D-Link DSR-500 | =1.03b23 | |
| D-Link DSR-500 | =1.03b27 | |
| D-Link DSR-500 | =1.03b36 | |
| D-Link DSR-500 | =1.03b43 | |
| D-Link DSR-500 | =1.04b58 | |
| D-Link DSR-500 | =1.06b43 | |
| D-Link DSR-500 | =1.06b53 | |
| D-Link DSR-500 | ||
| D-Link DSR-150N | <=1.05b48 | |
| D-Link DSR-150N | ||
| D-Link DSR-250N Firmware | <=1.08b39 | |
| D-Link DSR-250N Firmware | =1.01b46 | |
| D-Link DSR-250N Firmware | =1.01b56 | |
| D-Link DSR-250N Firmware | =1.05b20 | |
| D-Link DSR-250N Firmware | =1.05b53 | |
| D-Link DSR-250N Firmware | =1.08b31 | |
| D-Link DSR-250N Firmware | ||
| D-Link DSR-1000AC | <=1.08b51 | |
| D-Link DSR-1000AC | =1.01b50 | |
| D-Link DSR-1000AC | =1.02b11 | |
| D-Link DSR-1000AC | =1.02b25 | |
| D-Link DSR-1000AC | =1.03b12 | |
| D-Link DSR-1000AC | =1.03b23 | |
| D-Link DSR-1000AC | =1.03b27 | |
| D-Link DSR-1000AC | =1.03b36 | |
| D-Link DSR-1000AC | =1.03b43 | |
| D-Link DSR-1000AC | =1.04b58 | |
| D-Link DSR-1000AC | =1.06b43 | |
| D-Link DSR-1000AC | =1.06b53 | |
| D-Link DSR-1000AC | ||
| D-Link DSR-150 | <=1.08b29 | |
| D-Link DSR-150 | =1.05b29 | |
| D-Link DSR-150 | =1.05b35 | |
| D-Link DSR-150 | =1.05b46 | |
| D-Link DSR-150 | =1.05b50 | |
| D-Link DSR-150 | ||
| D-Link DSR-250 | <=1.08b39 | |
| D-Link DSR-250 | =1.01b46 | |
| D-Link DSR-250 | =1.01b56 | |
| D-Link DSR-250 | =1.05b20 | |
| D-Link DSR-250 | =1.05b53 | |
| D-Link DSR-250 | =1.08b31 | |
| D-Link DSR-250 | ||
| D-Link DSR-1000N | <=1.08b51 | |
| D-Link DSR-1000N | =1.01b50 | |
| D-Link DSR-1000N | =1.02b11 | |
| D-Link DSR-1000N | =1.02b25 | |
| D-Link DSR-1000N | =1.03b12 | |
| D-Link DSR-1000N | =1.03b23 | |
| D-Link DSR-1000N | =1.03b27 | |
| D-Link DSR-1000N | =1.03b36 | |
| D-Link DSR-1000N | =1.03b43 | |
| D-Link DSR-1000N | =1.04b58 | |
| D-Link DSR-1000N | =1.06b43 | |
| D-Link DSR-1000N | =1.06b53 | |
| D-Link DSR-1000N | ||
| D-Link DSR-500N | <=1.08b51 | |
| D-Link DSR-500N | =1.02b11 | |
| D-Link DSR-500N | =1.02b25 | |
| D-Link DSR-500N | =1.03b12 | |
| D-Link DSR-500N | =1.03b23 | |
| D-Link DSR-500N | =1.03b27 | |
| D-Link DSR-500N | =1.03b36 | |
| D-Link DSR-500N | =1.03b43 | |
| D-Link DSR-500N | =1.04b58 | |
| D-Link DSR-500N | =1.06b43 | |
| D-Link DSR-500N | =1.06b53 | |
| D-Link DSR-500N |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://tsd.dlink.com.tw/temp/PMD/12879/DSR-500_500N_1000_1000N_A1_Release_Notes_FW_v1.08B77_WW.pdf
- http://tsd.dlink.com.tw/temp/PMD/12960/DSR-150N_A2_Release_Notes_FW_v1.05B64_WW.pdf
- http://tsd.dlink.com.tw/temp/PMD/12966/DSR-150_A1_A2_Release_Notes_FW_v1.08B44_WW.pdf
- http://tsd.dlink.com.tw/temp/PMD/13039/DSR-250_250N_A1_A2_Release_Notes_FW_v1.08B44_WW_RU.pdf
- http://www.exploit-db.com/exploits/30061
Frequently Asked Questions
What is the severity of CVE-2013-5946?
CVE-2013-5946 has been rated as a high severity vulnerability due to its potential for remote code execution via unauthenticated attackers.
How do I fix CVE-2013-5946?
To fix CVE-2013-5946, users should upgrade their D-Link devices to firmware version 1.08B77 or later for DSR series and corresponding fixed versions for affected models.
Which D-Link models are affected by CVE-2013-5946?
CVE-2013-5946 affects D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500, DSR-500N, DSR-1000, and DSR-1000N models running outdated firmware.
Can CVE-2013-5946 be exploited remotely?
Yes, CVE-2013-5946 can be exploited remotely by attackers without authentication.
What is the nature of the vulnerability in CVE-2013-5946?
CVE-2013-5946 allows remote attackers to execute arbitrary commands on affected D-Link devices.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/references
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/dlink
- canonical/d-link dsr-500
- version/d-link dsr-500/1.08b51
- version/d-link dsr-500/1.02b11
- version/d-link dsr-500/1.02b25
- version/d-link dsr-500/1.03b12
- version/d-link dsr-500/1.03b23
- version/d-link dsr-500/1.03b27
- version/d-link dsr-500/1.03b36
- version/d-link dsr-500/1.03b43
- version/d-link dsr-500/1.04b58
- version/d-link dsr-500/1.06b43
- version/d-link dsr-500/1.06b53
- canonical/d-link dsr-150n
- version/d-link dsr-150n/1.05b48
- canonical/d-link dsr-250n firmware
- version/d-link dsr-250n firmware/1.08b39
- version/d-link dsr-250n firmware/1.01b46
- version/d-link dsr-250n firmware/1.01b56
- version/d-link dsr-250n firmware/1.05b20
- version/d-link dsr-250n firmware/1.05b53
- version/d-link dsr-250n firmware/1.08b31
- canonical/d-link dsr-1000ac
- version/d-link dsr-1000ac/1.08b51
- version/d-link dsr-1000ac/1.01b50
- version/d-link dsr-1000ac/1.02b11
- version/d-link dsr-1000ac/1.02b25
- version/d-link dsr-1000ac/1.03b12
- version/d-link dsr-1000ac/1.03b23
- version/d-link dsr-1000ac/1.03b27
- version/d-link dsr-1000ac/1.03b36
- version/d-link dsr-1000ac/1.03b43
- version/d-link dsr-1000ac/1.04b58
- version/d-link dsr-1000ac/1.06b43
- version/d-link dsr-1000ac/1.06b53
- canonical/d-link dsr-150
- version/d-link dsr-150/1.08b29
- version/d-link dsr-150/1.05b29
- version/d-link dsr-150/1.05b35
- version/d-link dsr-150/1.05b46
- version/d-link dsr-150/1.05b50
- canonical/d-link dsr-250
- version/d-link dsr-250/1.08b39
- version/d-link dsr-250/1.01b46
- version/d-link dsr-250/1.01b56
- version/d-link dsr-250/1.05b20
- version/d-link dsr-250/1.05b53
- version/d-link dsr-250/1.08b31
- canonical/d-link dsr-1000n
- version/d-link dsr-1000n/1.08b51
- version/d-link dsr-1000n/1.01b50
- version/d-link dsr-1000n/1.02b11
- version/d-link dsr-1000n/1.02b25
- version/d-link dsr-1000n/1.03b12
- version/d-link dsr-1000n/1.03b23
- version/d-link dsr-1000n/1.03b27
- version/d-link dsr-1000n/1.03b36
- version/d-link dsr-1000n/1.03b43
- version/d-link dsr-1000n/1.04b58
- version/d-link dsr-1000n/1.06b43
- version/d-link dsr-1000n/1.06b53
- canonical/d-link dsr-500n
- version/d-link dsr-500n/1.08b51
- version/d-link dsr-500n/1.02b11
- version/d-link dsr-500n/1.02b25
- version/d-link dsr-500n/1.03b12
- version/d-link dsr-500n/1.03b23
- version/d-link dsr-500n/1.03b27
- version/d-link dsr-500n/1.03b36
- version/d-link dsr-500n/1.03b43
- version/d-link dsr-500n/1.04b58
- version/d-link dsr-500n/1.06b43
- version/d-link dsr-500n/1.06b53