First published: Tue Mar 06 2018(Updated: )
Multiple D-Link routers contain an unspecified vulnerability that allows for execution of OS commands.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
D-link Dir-860l Firmware | <=a1_fw110b04 | |
Dlink Dir-860l | ||
Dlink Dir-865l Firmware | <=reva_firmware_patch_1.08.b01 | |
Dlink Dir-865l | ||
Dlink Dir-868l Firmware | <=a1_fw112b04 | |
Dlink Dir-868l | ||
D-link Dir-880l Firmware | <=reva_firmware_patch_1.08b04 | |
Dlink Dir-880l | ||
Dlink Dir-860l Firmware | <=a1_fw110b04 | |
Dlink Dir-880l Firmware | <=reva_firmware_patch_1.08b04 | |
D-Link Multiple Routers | ||
All of | ||
Dlink Dir-860l Firmware | <=a1_fw110b04 | |
Dlink Dir-860l | ||
All of | ||
Dlink Dir-865l Firmware | <=reva_firmware_patch_1.08.b01 | |
Dlink Dir-865l | ||
All of | ||
Dlink Dir-868l Firmware | <=a1_fw112b04 | |
Dlink Dir-868l | ||
All of | ||
Dlink Dir-880l Firmware | <=reva_firmware_patch_1.08b04 | |
Dlink Dir-880l |
The vendor D-Link published an advisory stating the fix under CVE-2018-20114 properly patches KEV entry CVE-2018-6530. If the device is still supported, apply updates per vendor instructions. If the affected device has since entered its end-of-life, it should be disconnected if still in use.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-6530 is a critical OS command injection vulnerability in multiple D-Link routers.
CVE-2018-6530 affects D-Link DIR-880L, DIR-868L, DIR-865L, and DIR-860L routers.
CVE-2018-6530 has a severity rating of 9.8 (critical).
To fix CVE-2018-6530, you should apply the latest firmware updates provided by D-Link.
You can find more information about CVE-2018-6530 on the D-Link support announcement and GitHub repository links provided in the references.