D-Link DIR-818LW Improper Neutralization of Special Elements used in a Command (‘Command Injection’) Vulnerabilities

Summary

An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MTU field to SetWanSettings.

Credit:

The information has been provided by TeamSeri0us

The original article can be found at:

https://github.com/TeamSeri0us/pocs/blob/master/iot/dlink/dir818-3.pdf

https://github.com/TeamSeri0us/pocs/blob/master/iot/dlink/dir818-4.pdf


Details

D-Link DIR-818LW is prone to multiple command-injection vulnerabilities.Exploiting these issues could allow an attacker to execute arbitrary commands in the context of the affected device. Failed exploit attempts will likely result in denial-of-service conditions

Vulnerable Systems:

D-Link DIR-818LW 2.06betab01

CVE Information:

CVE-2019-13481

CVE-2019-13482

Disclosure Timeline:
Published Date:07/16/2019