Lucene search

K
nvd[email protected]NVD:CVE-2014-8361
HistoryMay 01, 2015 - 3:59 p.m.

CVE-2014-8361

2015-05-0115:59:01
web.nvd.nist.gov
14

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

Low

EPSS

0.97

Percentile

99.8%

The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.

Affected configurations

Nvd
Node
dlinkdir-905lMatcha1
OR
dlinkdir-905lMatchb1
AND
dlinkdir-905l_firmwareRange2.05b01
Node
dlinkdir-605lMatcha1
AND
dlinkdir-605l_firmwareRange1.14b06
Node
dlinkdir-600lMatcha1
AND
dlinkdir-600l_firmwareRange1.15
Node
realtekrealtek_sdkMatch-
Node
dlinkdir-619lMatcha1
AND
dlinkdir-619l_firmwareRange1.15
Node
dlinkdir-809Matcha1
OR
dlinkdir-809Matcha2
AND
dlinkdir-809_firmwareRange1.04b02
Node
dlinkdir-605lMatchb1
AND
dlinkdir-605l_firmwareRange2.07b02
Node
dlinkdir-605lMatchc1
AND
dlinkdir-605l_firmwareRange3.03b07
Node
dlinkdir-619lMatchb1
AND
dlinkdir-619l_firmwareRange2.07b02
Node
dlinkdir-600lMatchb1
AND
dlinkdir-600l_firmwareRange2.056b06
Node
dlinkdir-501_firmwareRange1.01b04
AND
dlinkdir-501Matcha1
Node
dlinkdir-515_firmwareRange1.01b04
AND
dlinkdir-515Matcha1
Node
dlinkdir-615_firmwareMatch10.01b02
AND
dlinkdir-615Matchj1
Node
dlinkdir-615_firmwareRange6.06b03
OR
dlinkdir-615_firmwareMatch10.01b02
AND
dlinkdir-615Matchfx
Node
atermwg1900hp2_firmwareRange1.3.1
AND
atermwg1900hp2Match-
Node
atermwg1900hp_firmwareRange2.5.1
AND
atermwg1900hpMatch-
Node
atermwg1800hp4_firmwareRange1.3.1
AND
atermwg1800hp4Match-
Node
atermwg1800hp3_firmwareRange1.5.1
AND
atermwg1800hp3Match-
Node
atermwg1200hs2_firmwareRange2.5.0
AND
atermwg1200hs2Match-
Node
atermwg1200hp3_firmwareRange1.3.1
AND
atermwg1200hp3Match-
Node
atermwg1200hp2_firmwareRange2.5.0
AND
atermwg1200hp2Match-
Node
atermw1200ex_firmwareRange1.3.1
AND
atermw1200exMatch-
Node
atermw1200ex-ms_firmwareRange1.3.1
AND
atermw1200ex-msMatch-
Node
atermwg1200hs_firmware
AND
atermwg1200hsMatch-
Node
atermwg1200hp_firmware
AND
atermwg1200hpMatch-
Node
atermwf800hp_firmware
AND
atermwf800hpMatch-
Node
atermwf300hp2_firmware
AND
atermwf300hp2Match-
Node
atermwr8165n_firmware
AND
atermwr8165nMatch-
Node
atermw500p_firmware
AND
atermw500pMatch-
Node
atermw300p_firmware
AND
atermw300pMatch-
VendorProductVersionCPE
dlinkdir-905la1cpe:2.3:h:dlink:dir-905l:a1:*:*:*:*:*:*:*
dlinkdir-905lb1cpe:2.3:h:dlink:dir-905l:b1:*:*:*:*:*:*:*
dlinkdir-905l_firmware*cpe:2.3:o:dlink:dir-905l_firmware:*:*:*:*:*:*:*:*
dlinkdir-605la1cpe:2.3:h:dlink:dir-605l:a1:*:*:*:*:*:*:*
dlinkdir-605l_firmware*cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*
dlinkdir-600la1cpe:2.3:h:dlink:dir-600l:a1:*:*:*:*:*:*:*
dlinkdir-600l_firmware*cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:*
realtekrealtek_sdk-cpe:2.3:a:realtek:realtek_sdk:-:*:*:*:*:*:*:*
dlinkdir-619la1cpe:2.3:h:dlink:dir-619l:a1:*:*:*:*:*:*:*
dlinkdir-619l_firmware*cpe:2.3:o:dlink:dir-619l_firmware:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 571

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

Low

EPSS

0.97

Percentile

99.8%